From 830164fcd0054a4fd895fa79dbd77dd5cc47871c Mon Sep 17 00:00:00 2001 From: Ying Lu Date: Mon, 19 Dec 2016 13:07:50 -0800 Subject: [PATCH] Add docker-compose files. --- .env | 5 + README-datapower.md | 191 ++ README-microgateway.md | 171 ++ README.md | 64 + config-ssh-keys/Dockerfile | 6 + config-ssh-keys/genkey.sh | 12 + datapower/Dockerfile | 7 + datapower/src/drouter/config/auto-startup.cfg | 699 +++++ datapower/src/drouter/config/auto-user.cfg | 13 + .../src/drouter/config/reset-password.cfg | 13 + datapower/src/start.sh | 26 + datapower/src/start/debug.sh | 69 + datapower/src/start/loadbalancer-group.sh | 25 + datapower/src/start/reset-password.sh | 19 + .../src/start/vbox-inotify-workaround.sh | 25 + datapower/src/start/web-mgmt.sh | 22 + docker-compose-microgateway.yaml | 128 + docker-compose.yaml | 122 + elasticsearch-master/Dockerfile | 5 + .../config/master/elasticsearch.yml | 8 + .../config/master/logging.yml | 17 + microgateway/Dockerfile | 29 + microgateway/app.sh | 115 + microgateway/env.yaml | 6 + microgateway/set-config/LICENSE.txt | 2694 +++++++++++++++++ microgateway/set-config/index.js | 87 + microgateway/set-config/package.json | 21 + microservice/.editorconfig | 13 + microservice/.eslintignore | 0 microservice/.eslintrc | 10 + microservice/.gitignore | 19 + microservice/.npmignore | 16 + microservice/.yo-rc.json | 3 + microservice/CONTRIBUTING.md | 151 + microservice/Dockerfile | 25 + microservice/LICENSE | 25 + microservice/README.md | 251 ++ microservice/app.sh | 77 + microservice/bin/automigrate.js | 37 + microservice/bin/instance-introspection.js | 28 + microservice/client/README.md | 3 + microservice/common/models/account.js | 8 + microservice/common/models/account.json | 23 + .../loopback-example-database-product.yaml | 25 + .../loopback-example-database.yaml | 1115 +++++++ microservice/package.json | 31 + microservice/server/boot/authentication.js | 9 + microservice/server/boot/root.js | 11 + microservice/server/component-config.json | 5 + microservice/server/config.json | 23 + microservice/server/datasources.json | 6 + microservice/server/middleware.json | 32 + .../server/middleware.production.json | 4 + microservice/server/model-config.json | 39 + microservice/server/server.js | 32 + microservice/test/smoke.js | 11 + sni-proxy/Dockerfile | 5 + sni-proxy/nginx.tmpl | 34 + sni-proxy/run.sh | 8 + 59 files changed, 6678 insertions(+) create mode 100644 .env create mode 100644 README-datapower.md create mode 100644 README-microgateway.md create mode 100644 README.md create mode 100644 config-ssh-keys/Dockerfile create mode 100644 config-ssh-keys/genkey.sh create mode 100644 datapower/Dockerfile create mode 100644 datapower/src/drouter/config/auto-startup.cfg create mode 100644 datapower/src/drouter/config/auto-user.cfg create mode 100644 datapower/src/drouter/config/reset-password.cfg create mode 100755 datapower/src/start.sh create mode 100644 datapower/src/start/debug.sh create mode 100644 datapower/src/start/loadbalancer-group.sh create mode 100644 datapower/src/start/reset-password.sh create mode 100755 datapower/src/start/vbox-inotify-workaround.sh create mode 100644 datapower/src/start/web-mgmt.sh create mode 100644 docker-compose-microgateway.yaml create mode 100644 docker-compose.yaml create mode 100644 elasticsearch-master/Dockerfile create mode 100644 elasticsearch-master/config/master/elasticsearch.yml create mode 100644 elasticsearch-master/config/master/logging.yml create mode 100644 microgateway/Dockerfile create mode 100755 microgateway/app.sh create mode 100644 microgateway/env.yaml create mode 100755 microgateway/set-config/LICENSE.txt create mode 100644 microgateway/set-config/index.js create mode 100644 microgateway/set-config/package.json create mode 100644 microservice/.editorconfig create mode 100644 microservice/.eslintignore create mode 100644 microservice/.eslintrc create mode 100644 microservice/.gitignore create mode 100644 microservice/.npmignore create mode 100644 microservice/.yo-rc.json create mode 100644 microservice/CONTRIBUTING.md create mode 100644 microservice/Dockerfile create mode 100644 microservice/LICENSE create mode 100644 microservice/README.md create mode 100755 microservice/app.sh create mode 100644 microservice/bin/automigrate.js create mode 100644 microservice/bin/instance-introspection.js create mode 100644 microservice/client/README.md create mode 100644 microservice/common/models/account.js create mode 100644 microservice/common/models/account.json create mode 100644 microservice/definitions/loopback-example-database-product.yaml create mode 100644 microservice/definitions/loopback-example-database.yaml create mode 100644 microservice/package.json create mode 100644 microservice/server/boot/authentication.js create mode 100644 microservice/server/boot/root.js create mode 100644 microservice/server/component-config.json create mode 100644 microservice/server/config.json create mode 100644 microservice/server/datasources.json create mode 100644 microservice/server/middleware.json create mode 100644 microservice/server/middleware.production.json create mode 100644 microservice/server/model-config.json create mode 100644 microservice/server/server.js create mode 100644 microservice/test/smoke.js create mode 100644 sni-proxy/Dockerfile create mode 100644 sni-proxy/nginx.tmpl create mode 100755 sni-proxy/run.sh diff --git a/.env b/.env new file mode 100644 index 0000000..b92528c --- /dev/null +++ b/.env @@ -0,0 +1,5 @@ +#ACCEPT_LICENSE=true +APIC_VERSION=v5.0.6.0 +SMTP_HOST=smtp.changeme.com +SMTP_PORT=25 +SMTP_SENDER=someone@changeme.com diff --git a/README-datapower.md b/README-datapower.md new file mode 100644 index 0000000..c40e8ae --- /dev/null +++ b/README-datapower.md @@ -0,0 +1,191 @@ +## Using DataPower Gateway as the gateway service +### 1. Starting all services +``` +$ docker-compose up -d +``` +It will take a few minutes till all services are up. +``` +$ docker-compose ps +``` +From the output, you should see the following services up and running, +``` + Name Command State Ports +------------------------------------------------------------------------------------------------------ +apim /tini -- /startup.sh Up +datapower /start.sh Up 443/tcp +esmaster /docker-entrypoint.sh /bin ... Up 9200/tcp, 9300/tcp +ibmlogstash /bin/sh -c /startup.sh Up +ibmportal /root/tini -- /root/start_ ... Up +make-ssh-keys /bin/sh -c /genkey.sh Exit 0 +microservice /bin/sh -c /usr/bin/app.sh ... Up 8080/tcp +nginx /bin/sh -c /run.sh Up 0.0.0.0:443->443/tcp, 80/tcp +``` +Service `make-ssh-keys` has completed and exited. + +To enable access to all the services with container names, add the following line to your local /etc/hosts file. +``` + apim datapower ibmportal microservice +``` + +### 2. Configuring your cloud +* In a web browser, enter the URL , the cloud console login window opens. +* Enter the Cloud Adminstrator user name and password. The default values are `admin` for the user name and `!n0r1t5@C` for the password. Click `Sign In`. +* In the `License Agreements` page, click `Accept All Licenses, Terms and Notes`. +* In the `Create your profile` page, enter your email, and a new password. Click `Update profile`. +* The Cloud Manager user interface opens. +* Configure the Management service + + Click `Services`. In the `DataPower Services` pane, click the Service Settings icon. Enter + + ``` + Address: datapower + ``` + Click `Save`. + + In the `DataPower Services` pane, click `Add Server` and then enter + + ``` + Display Name: idg + Address: datapower + Username: admin + Password: admin + ``` + + Note the password is the default password to access DataPower service. Click `Save`. +* Add a new provider organization + + In the Cloud Manager, click `Organizations`. Click `Add`, and enter + ``` + Display Name: + Name: + ``` + Click `New User`, and enter + ``` + Email: + ``` + Click `Add`. + + A provider organization has been created. Check your email and click the link to activate the organization. + + Enter your name and password, and click `Sign Up`. + + The provider organization `organization_name` has been activated. + +### 3. Configuring the catalog +* After signed up to the provider organization, the `API Manager` UI opens. Sign in with your email and password. +* Click the Navigate to icon. The API Manager UI navigation pane opens. Click `Dashboard` . You can see the default catalog "Sandbox". +* Enable Portal in the Sandbox catalog + + Select the Sandbox catalog, Click `Settings` > `Portal`. + + From `Select Portal` drop down list, select `IBM Developer Portal`. The URL has been set to: `https://ibmportal/organization_name/sb`, click `Save`. + + After a few minutes, you receive an email with a link to your Developer Portal site for that catalog. The link is a single use only link for the administrator account. When the link is active and you have accessed it, you can change the password of this administrator account. + +### 4. Publishing the LoopBack sample application microservice into the catalog +* You need to install [IBM API Connect Toolkit] on your host. If you haven't installed npm, see [Install Toolkit]. + + ``` + $ npm install -g apiconnect + ``` +* Log into the API Connect server + + ``` + $ cd microservices + $ apic login + Enter the API Connect server + ? Server: apim + ? Username: + ? Password (typing will be hidden) ******** + Logged into apim successfully + ``` +* Publishing the microservice application + + ``` + $ apic publish definitions/loopback-example-database-product.yaml --catalog sb --organization organization_name --server apim + ``` + +### 5. Configuring Developer Portal +* In a web browser, enter url . + You can see the `loopback-example-database 1.0.0` microservice in the `Featured APIs` pane. +* Create a developer account + + Please note, you need to use a different email other than your admin email address. + + Click `Create an account`, enter + ``` + E-mail address + Password + Confirm password + First name + Last name + Developer organization + What code is in the image? + ``` + Your Developer Portal site is activated and you receive a confirmation email as a result. Then, follow the account activation link in the confirmation email to activate your account. +* Log in as a developer + + To use the Developer Portal, click Login and sign in with the user credentials you specified. +* Creating new App in Developer Portal + + In the Developer Portal, click `Apps`. click "Create new App", enter + ``` + Title: microservice + Description: xxx + ``` + Click `Submit`. Your application is displayed. +* Make a note of your client secret because it is only displayed once. You must supply the client secret when you call an API that requires you to identify your application by using a Client ID and Client Secret. + + Note: The client secret cannot be retrieved. If you forget it, you must reset it. +* Optional: The client ID is hidden, to display the client ID for your application, select the Show check box for Client ID. The client ID is displayed and can be hidden again by clearing the check box. +* Optional: You can add an additional client ID and client secret to the application. For more details, see [Registering an application] +* Subscribe to a plan + + Select `API Products`, click `loopback-example-database 1.0.0` icon and enter into the detail page. Click `Subscribe` to subscribe to the default plan. Check `microservice` application, click "Subscribe". + +### 6. Access microservice sample APIs through DataPower Gateway +Note: In the following examples, we are using a sample of Client ID and Client Secret from the previous step. You must replace these values with your own credentials from step 5. +``` +Client ID: ad37d0e2-4551-41f7-a011-88f0447f4560 +Client Secret: yY7xL8hA0iD1tR0qD5hY0kG3rR3nC2eA3mM8iN2yL4hD2bQ2gU +``` + +* Accessing POST API via DataPower Gateway + ``` + $ curl -k --request POST + --url https://datapower/organization_name/sb/api/Accounts \ + --header 'accept: application/json' \ + --header 'content-type: application/json' \ + --header 'x-ibm-client-id: ad37d0e2-4551-41f7-a011-88f0447f4560' \ + --header 'x-ibm-client-secret: yY7xL8hA0iD1tR0qD5hY0kG3rR3nC2eA3mM8iN2yL4hD2bQ2gU' \ + --data '{"email":"ara@ziat.ly","createdAt":"2016-11-26T15:29:45.233Z","lastModifiedAt":"2016-11-25T20:17:02.033Z"}' + ``` + +* Accessing GET API via DataPower Gateway + ``` + $ curl -k --request GET + --url 'https://datapower/organization_name/sb/api/Accounts' \ + --header 'accept: application/json' \ + --header 'content-type: application/json' \ + --header 'x-ibm-client-id: ad37d0e2-4551-41f7-a011-88f0447f4560' \ + --header 'x-ibm-client-secret: yY7xL8hA0iD1tR0qD5hY0kG3rR3nC2eA3mM8iN2yL4hD2bQ2gU' + ``` + +### Known issues +1. DataPower may lose connection to `analytics-lb` after docker container restarts + + In some race condition, when DataPower container or Docker engine restarts, DataPower may lose connection to `analytics-lb`. If you see the following error from DataPower log, + ``` + datapower | 20161202T183348.225Z [APIMgmt_848CDBBB62][0x80e00126][mpgw][error] mpgw(webapi-internal): tid(2097) gtid(2097): Valid backside connection could not be established: Failed to establish a backside connection, url: https://analytics-lb/x2020/v1/events/logevent + ``` + Open , check the status of datapower server in the `DataPower Services` pane. +If server `idg` is marked `INACTIVE`, wait 5 minutes, if it is still `INACTIVE`, click more icon and select `Delete Server`. +Then add the `idg` server back following the instructions in step 2. + +[IBM DataPower Gateway]: +[IBM API Connect]: +[IBM API Connect Toolkit]: +[IBM Developer Portal]: +[LoopBack]: +[Install Toolkit]: +[Registering an application]: diff --git a/README-microgateway.md b/README-microgateway.md new file mode 100644 index 0000000..4b2efcc --- /dev/null +++ b/README-microgateway.md @@ -0,0 +1,171 @@ +## Using Micro Gateway as the gateway service + +### 1. Starting all services +``` +$ docker-compose -f docker-compose-microgateway.yaml up -d +``` +It will take a few minutes till all services are up. +``` +$ docker-compose -f docker-compose-microgateway.yaml ps +``` +From the output, you should see the following services up and running, +``` + Name Command State Ports +-------------------------------------------------------------------------------------- +apim /tini -- /startup.sh Up +esmaster /docker-entrypoint.sh /bin ... Up 9200/tcp, 9300/tcp +ibmlogstash /bin/sh -c /startup.sh Up +ibmportal /root/tini -- /root/start_ ... Up +make-ssh-keys /bin/sh -c /genkey.sh Exit 0 +microgateway /bin/sh -c /usr/bin/app.sh ... Up +microservice /bin/sh -c /usr/bin/app.sh ... Up 8080/tcp +nginx /bin/sh -c /run.sh Up 0.0.0.0:443->443/tcp, 80/tcp +``` + +Service `make-ssh-keys` has completed and exited. + +To enable access to all the services with container names, add the following line to your local /etc/hosts file. +``` + apim ibmportal microgateway microservice +``` + +### 2. Configuring your cloud +* In a web browser, enter the URL , the cloud console login window opens. +* Enter the Cloud Adminstrator user name and password. The default values are `admin` for the user name and `!n0r1t5@C` for the password. Click `Sign In`. +* In the `License Agreements` page, click `Accept All Licenses, Terms and Notes`. +* In the `Create your profile` page, enter your email, and a new password. Click `Update profile`. +* The Cloud Manager user interface opens. +* Add a new provider organization + In the Cloud Manager, click `Organizations`. Click `Add`, and enter + ``` + Display Name: + Name: + ``` + Click `New User`, and enter + ``` + Email: + ``` + Click `Add`. + + A provider organization has been created. Check your email and click the link to activate the organization. + + Enter your name and password, and click `Sign Up`. + + The provider organization `organization_name` has been activated. + +### 3. Configuring the catalog +* After signed up to the provider organization, the `API Manager` UI opens. Sign in with your email and password. +* Click the Navigate to icon. The API Manager UI navigation pane opens. Click `Dashboard` . You can see the default catalog "Sandbox". +* Customize the gateway endpoint + Select the Sandbox catalog, click `Settings` > `Endpoints`. And add + ``` + Custom Gateway URL: https://microgateway/ + ``` + Click `Save`. +* Enable Portal in the Sandbox catalog + + Click `Portal`. + + From `Select Portal` drop down list, select `IBM Developer Portal`. The URL has been set to: `https://ibmportal/organization_name/sb`, click `Save`. + + After a few minutes, you receive an email with a link to your Developer Portal site for that catalog. The link is a single use only link for the administrator account. When the link is active and you have accessed it, you can change the password of this administrator account. + +### 4. Publishing the LoopBack sample application microservice into the catalog +* You need to install [IBM API Connect Toolkit] on your host. If you haven't installed npm, see [Install Toolkit]. + + ``` + $ npm install -g apiconnect + ``` +* Log into the API Connect server + + ``` + $ cd microservices + $ apic login + Enter the API Connect server + ? Server: apim + ? Username: + ? Password (typing will be hidden) ******** + Logged into apim successfully + ``` +* Publishing the microservice application + + ``` + $ apic publish definitions/loopback-example-database-product.yaml --catalog sb --organization organization_name --server apim + ``` + +### 5. Configuring Developer Portal +* In a web browser, enter url . + You can see the `loopback-example-database 1.0.0` microservice in the `Featured APIs` pane. +* Create a developer account + + Please note, you need to use a different email other than your admin email address. + + Click `Create an account`, enter + ``` + E-mail address + Password + Confirm password + First name + Last name + Developer organization + What code is in the image? + ``` + Your Developer Portal site is activated and you receive a confirmation email as a result. Then, follow the account activation link in the confirmation email to activate your account. +* Log in as a developer + + To use the Developer Portal, click Login and sign in with the user credentials you specified. +* Creating new App in Developer Portal + + In the Developer Portal, click `Apps`. click "Create new App", enter + ``` + Title: microservice + Description: xxx + ``` + Click `Submit`. Your application is displayed. +* Make a note of your client secret because it is only displayed once. You must supply the client secret when you call an API that requires you to identify your application by using a Client ID and Client Secret. + + Note: The client secret cannot be retrieved. If you forget it, you must reset it. +* Optional: The client ID is hidden, to display the client ID for your application, select the Show check box for Client ID. The client ID is displayed and can be hidden again by clearing the check box. +* Optional: You can add an additional client ID and client secret to the application. For more details, see [Registering an application] +* Subscribe to a plan + + Select `API Products`, click `loopback-example-database 1.0.0` icon and enter into the detail page. Click `Subscribe` to subscribe to the default plan. Check `microservice` application, click "Subscribe". + + Please note, it will take up to 10 minutes for Micro Gateway to get synced with APIM. After then the subscription credentials will be accepted by Micro Gateway. + +### 6. Access microservice sample APIs through DataPower Gateway +Note: In the following examples, we are using a sample of Client ID and Client Secret from the previous step. You must replace these values with your own credentials from step 5. +``` +Client ID: ad37d0e2-4551-41f7-a011-88f0447f4560 +Client Secret: yY7xL8hA0iD1tR0qD5hY0kG3rR3nC2eA3mM8iN2yL4hD2bQ2gU +``` + +* Accessing POST API via Micro Gateway + ``` + $ curl -k --request POST + --url https://microgateway/api/Accounts \ + --header 'accept: application/json' \ + --header 'content-type: application/json' \ + --header 'x-ibm-client-id: ad37d0e2-4551-41f7-a011-88f0447f4560' \ + --header 'x-ibm-client-secret: yY7xL8hA0iD1tR0qD5hY0kG3rR3nC2eA3mM8iN2yL4hD2bQ2gU' \ + --data '{"email":"ara@ziat.ly","createdAt":"2016-11-26T15:29:45.233Z","lastModifiedAt":"2016-11-25T20:17:02.033Z"}' + ``` + +* Accessing GET API via Micro Gateway + ``` + $ curl -k --request GET + --url 'https://microgateway/api/Accounts' \ + --header 'accept: application/json' \ + --header 'content-type: application/json' \ + --header 'x-ibm-client-id: ad37d0e2-4551-41f7-a011-88f0447f4560' \ + --header 'x-ibm-client-secret: yY7xL8hA0iD1tR0qD5hY0kG3rR3nC2eA3mM8iN2yL4hD2bQ2gU' + ``` + + +[IBM DataPower Gateway]: +[IBM API Connect]: +[IBM API Connect Toolkit]: +[IBM Developer Portal]: +[LoopBack]: +[Install Toolkit]: +[Registering an application]: diff --git a/README.md b/README.md new file mode 100644 index 0000000..2b9e411 --- /dev/null +++ b/README.md @@ -0,0 +1,64 @@ +# IBM API Connect on Docker + +## Overview + +The IBM API Connect on Docker combines the power of [IBM API Connect] and with the flexibility of Docker. + +[IBM API Connect] is an API management solution that addresses critical aspects of the API lifecycle providing the capability to create, run, manage and secure APIs and microservices. + +## Usage + +[IBM API Connect Product Documentation] describes in detail how to use IBM API Connect. + +This package requires a minimum of 8GB RAM and 2 CPUs. + +## License Acceptance + +To use the package, you must accept the license terms. If you do not assert that you have accepted the license, the IBM API Connect services will not start successfully. + +You can view the license files directly in the package LICENSE.txt, non_ibm_license.txt and notices.txt, or with the command +``` +docker run -it --rm --env SHOW_LICENSE=1 ibmcom/apiconnect:manager-v5.0.6.0 +``` + +You can assert license acceptance by specifying the environment variable `ACCEPT_LICENSE=true` in .env file. + +## Environment Setup +Before run the package, you need to edit .env file to access license and set SMTP configuration. +``` +ACCEPT_LICENSE=true (required) +SMTP_HOST=x.x.x.x (required, SMTP server) +SMTP_PORT=25 (required, SMTP port) +SMTP_SENDER=someone@changeme.com (required, the email sender) +SMTP_USERNAME=user@changeme.com (optional, user credential to send email) +SMTP_PASSWORD=xxxxxxxxx (optional, unless SMTP_USERNAME is set) +``` + +## Startup Options + +There are 2 options to run IBM API Connect on Docker package. You can either choose DataPower Gateway or Micro Gateway as your gateway service. Please refer to the following link for detailed steps. + +* [Using DataPower Gateway](https://github.com/strongloop/apiconnect-docker/blob/master/README-datapower.md) +* [Using Micro Gateway](https://github.com/strongloop/apiconnect-docker/blob/master/README-microgateway.md) + +## Links to Resources + +* [IBM API Connect] +* [IBM DataPower Gateway] +* [Micro Gateway] +* [LoopBack] + +## License + +View the license files directly in the package LICENSE.txt, non_ibm_license.txt and notices.txt, or with the command + +``` +docker run -it --rm --env SHOW_LICENSE=1 ibmcom/apiconnect:manager-v5.0.6.0 +``` + +[IBM API Connect Product Documentation]: +[IBM API Connect]: +[IBM DataPower Gateway]: +[Micro Gateway]: +[LoopBack]: + diff --git a/config-ssh-keys/Dockerfile b/config-ssh-keys/Dockerfile new file mode 100644 index 0000000..7d45b21 --- /dev/null +++ b/config-ssh-keys/Dockerfile @@ -0,0 +1,6 @@ +FROM centos +ADD genkey.sh / +RUN yum install -y openssh-clients openssl && \ + chmod +x /genkey.sh +CMD /genkey.sh +VOLUME /keys diff --git a/config-ssh-keys/genkey.sh b/config-ssh-keys/genkey.sh new file mode 100644 index 0000000..b5959f5 --- /dev/null +++ b/config-ssh-keys/genkey.sh @@ -0,0 +1,12 @@ +#!/bin/bash -xe + +if [ ! -f /keys/portal ] ; then + ssh-keygen -f /keys/portal -t rsa -C 'apim_advanced_portal_ssh_key' -N '' +fi + +if [ ! -f /keys/microgw ] ; then + ssh-keygen -f /keys/microgw -t rsa -b 4096 -N '' + openssl rsa -in /keys/microgw -pubout > /keys/microgw.pub +fi + +chown 1000:1000 -R /keys diff --git a/datapower/Dockerfile b/datapower/Dockerfile new file mode 100644 index 0000000..6f8ba22 --- /dev/null +++ b/datapower/Dockerfile @@ -0,0 +1,7 @@ +FROM ibmcom/datapower:latest +ENV DATAPOWER_WORKER_THREADS=2 \ + DATAPOWER_INTERACTIVE=true +COPY src/ / +RUN chmod +x /start.sh /start/vbox-inotify-workaround.sh +EXPOSE 443 +CMD ["/start.sh"] diff --git a/datapower/src/drouter/config/auto-startup.cfg b/datapower/src/drouter/config/auto-startup.cfg new file mode 100644 index 0000000..b851969 --- /dev/null +++ b/datapower/src/drouter/config/auto-startup.cfg @@ -0,0 +1,699 @@ +top; configure terminal; + +# configuration generated Tue Nov 8 06:00:38 2016; firmware version 281259 + +%if% available "domain-settings" + +domain-settings + admin-state enabled + password-treatment masked +exit + +%endif% + +%if% available "radius" + +radius + admin-state disabled + timeout 1000 + retries 3 +exit + +%endif% + +%if% available "timezone" + +timezone "EST5EDT" + +%endif% + +%if% available "throttle" + +throttle + admin-state disabled + memory-throttle 20 + memory-terminate 5 + temp-fs-throttle 0 + temp-fs-terminate 0 + qcode-warn 10 + timeout 30 + no status-log + status-loglevel debug + sensors-log + backlog-size 0 + backlog-timeout 30 +exit + +%endif% + +%if% available "snmp" + +snmp + admin-state disabled + version 2c + ip-address 0.0.0.0 + port 161 + security-level authPriv + access-level read-only + trap-default-subscriptions + trap-priority warn + trap-code 0x00030002 + trap-code 0x00230003 + trap-code 0x00330002 + trap-code 0x00b30014 + trap-code 0x00e30001 + trap-code 0x00e40008 + trap-code 0x00f30008 + trap-code 0x01530001 + trap-code 0x01a2000e + trap-code 0x01a40001 + trap-code 0x01a40005 + trap-code 0x01a40008 + trap-code 0x01b10006 + trap-code 0x01b10009 + trap-code 0x01b20002 + trap-code 0x01b20004 + trap-code 0x01b20008 + trap-code 0x02220001 + trap-code 0x02220003 + trap-code 0x02240002 +exit + +%endif% + +sslproxy "system-wsgw-management-loopback" "forward" "system-default" client-cache "on" client-sess-timeout "300" client-cache-size "100" + +crypto + +%if% available "cert-monitor" + +cert-monitor + admin-state enabled + poll 1 + reminder 30 + log-level warn + no disable-expired-certs +exit + +%endif% + +exit + +crypto + no crl + +exit + +%if% available "raid-volume" + +raid-volume "raid0" + admin-state disabled + no read-only +exit + +%endif% + +%if% available "language" + +language "de" + admin-state disabled +exit + +language "en" + admin-state enabled +exit + +language "es" + admin-state disabled +exit + +language "fr" + admin-state disabled +exit + +language "it" + admin-state disabled +exit + +language "ja" + admin-state disabled +exit + +language "ko" + admin-state disabled +exit + +language "pt_BR" + admin-state disabled +exit + +language "ru" + admin-state disabled +exit + +language "zh_CN" + admin-state disabled +exit + +language "zh_TW" + admin-state disabled +exit + +%endif% + +%if% available "system" + +system + admin-state enabled + entitlement "0000001" + name "998ad3c33d72" + audit-reserve 40 + no system-log-fixed-format +exit + +%endif% +logging event default-log "all" "error" +logging event default-log "mgmt" "notice" +logging event default-log "system" "notice" + +%if% available "rbm" + +rbm + admin-state enabled + au-method local + no au-ldap-search + ldap-prefix "cn=" + no au-force-dn-ldap-order + au-cache-mode absolute + au-cache-ttl 600 + au-ldap-readtimeout 60 + mc-method local + no mc-ldap-search + mc-ldap-readtimeout 60 + fallback-login disabled + no apply-cli + no restrict-admin + pwd-minimum-length 6 + no pwd-mixed-case + no pwd-digit + no pwd-nonalphanumeric + no pwd-username + no pwd-aging + pwd-max-age 30 + no pwd-history + pwd-max-history 5 + cli-timeout 0 + max-login-failure 0 + lockout-duration 1 + no mc-force-dn-ldap-order + password-hash-algorithm md5crypt + ssl-client-type proxy + mc-ssl-client-type proxy +exit + +%endif% + +acl "rest-mgmt" +exit + +acl "ssh" +exit + +acl "web-b2b-viewer" +exit + +acl "web-mgmt" +exit + +acl "xml-mgmt" +exit + +no ssh + +user-agent "default" + summary "Default User Agent" + max-redirects 8 + timeout 300 +exit + +%if% available "urlmap" + +urlmap "default-attempt-stream-all" + match "*" +exit + +%endif% + +%if% available "compile-options" + +compile-options "default-attempt-stream" + xslt-version XSLT10 + no strict + try-stream default-attempt-stream-all + stack-size 524288 + wsi-validate ignore + wsdl-validate-body strict + wsdl-validate-headers lax + wsdl-validate-faults strict + no wsdl-wrapped-faults + no wsdl-strict-soap-version + no xacml-debug +exit + +%endif% + +stylepolicy "default" + reset + summary "Default Processing Policy" + filter "store:///filter-reject-all.xsl" + xsldefault "store:///identity.xsl" + xquerydefault "store:///reject-all-json.xq" +exit + +%if% available "metadata" + +metadata "ftp-usercert-metadata" + meta-item "variable" "dn" "var://context/INPUT/ftp/tls/client-subject-dn" + meta-item "variable" "issuer" "var://context/INPUT/ftp/tls/client-issuer-dn" + meta-item "variable" "serial" "var://context/INPUT/ftp/tls/client-serial-number" +exit + +metadata "ftp-username-metadata" + meta-item "variable" "dn" "var://context/INPUT/ftp/tls/client-subject-dn" + meta-item "variable" "issuer" "var://context/INPUT/ftp/tls/client-issuer-dn" + meta-item "variable" "password" "var://context/INPUT/ftp/password" + meta-item "variable" "serial" "var://context/INPUT/ftp/tls/client-serial-number" + meta-item "variable" "username" "var://context/INPUT/ftp/username" +exit + +metadata "oauth-scope-metadata" + meta-item "variable" "scope" "var://context/INPUT/oauth/verified-scope" +exit + +metadata "ssh-password-metadata" + meta-item "variable" "password" "var://context/INPUT/ssh/password" + meta-item "variable" "publickey" "var://context/INPUT/ssh/publickey" + meta-item "variable" "username" "var://context/INPUT/ssh/username" +exit + +%endif% + +xmlmgr "default" +xsl cache size "default" "256" +xsl checksummed cache default +no tx-warn "default" +memoization "default" + +xml parser limits "default" + bytes-scanned 4194304 + element-depth 512 + attribute-count 128 + max-node-size 33554432 + forbid-external-references + external-references forbid + max-prefixes 1024 + max-namespaces 1024 + max-local-names 60000 +exit + +documentcache "default" + no policy + maxdocs "5000" + size "0" + max-writes "32768" +exit +no xml validate "default" * + +xml-manager "default" + summary "Default XML-Manager" + user-agent "default" +exit + +xmlmgr "default-attempt-stream" +xslconfig "default-attempt-stream" "default-attempt-stream" +xsl cache size "default-attempt-stream" "256" +xsl checksummed cache default-attempt-stream +no tx-warn "default-attempt-stream" +memoization "default-attempt-stream" + +xml parser limits "default-attempt-stream" + bytes-scanned 268435456 + element-depth 512 + attribute-count 128 + max-node-size 268435456 + forbid-external-references + external-references forbid + max-prefixes 1024 + max-namespaces 1024 + max-local-names 60000 +exit + +documentcache "default-attempt-stream" + no policy + maxdocs "5000" + size "0" + max-writes "32768" +exit +no xml validate "default-attempt-stream" * + +xml-manager "default-attempt-stream" + summary "Default Streaming XML-Manager" + user-agent "default" +exit + +xmlmgr "default-wsrr" +xsl cache size "default-wsrr" "256" +xsl checksummed cache default-wsrr +no tx-warn "default-wsrr" +memoization "default-wsrr" + +xml parser limits "default-wsrr" + bytes-scanned 4194304 + element-depth 512 + attribute-count 128 + max-node-size 33554432 + forbid-external-references + external-references forbid + max-prefixes 1024 + max-namespaces 1024 + max-local-names 60000 +exit + +documentcache "default-wsrr" + no policy + maxdocs "5000" + size "0" + max-writes "32768" +exit +no xml validate "default-wsrr" * + +xml-manager "default-wsrr" + summary "WSRR XML-Manager" + user-agent "default" +exit + +%if% available "aaapolicy" + +aaapolicy "iop-mgmt-aaa" + extract-identity "http-basic-auth+client-ssl" "" "" "" "" "login" "off" "" "off" "" "xmlfile" "" "" "" "" "" "proxy" "" "" "" "" + authenticate xmlfile "store:///iop-mgmt-aaa.xml" "" "" "" "absolute" "3" "" "" "" "" "" "on" "" "" "1.1" "cn=" "" "" "" "" "" "" "" "" "" "" "" "userPassword" "LTPA2" "" "" "" "" "" "off" "" "1.2" "off" "" "off" "32" "off" "32" "off" "off" "" "" "" "" "0" "off" "60" "proxy" "" "" "" "webagent" "" "" "" "default" + map-credentials xmlfile "store:///iop-mgmt-aaa.xml" "" "" + extract-resource "request-uri+request-opname" "" "" + map-resource xmlfile "store:///iop-mgmt-aaa.xml" "" "WebSEAL" "" "" + authorize xmlfile "store:///iop-mgmt-aaa.xml" "" "" "" "" "" "any" "" "" "absolute" "3" "" "" "" "1.1" "" "" "" "member" "" "" "subtree" "(objectClass=*)" "2.0" "deny-biased" "on" "" "" "custom" "" "" "" "off" "" "T" "" "off" "" "r" "" "0" "tfim" "" "off" "on" "off" "off" "60" "proxy" "" "" "webagent" "" "" "" "default" + post-process "off" "" "off" "XS" "" "off" "" "" "" "off" "on" "0" "off" "2.0" "off" "" "" "off" "Digest" "0" "0" "on" "off" "LTPA2" "600" "" "" "" "off" "http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ" "off" "" "off" "" "off" "" "off" "1000" "off" "all" "CallTFIM" "hmac-sha1" "sha1" "off" "random" "" "0" "off" "off" "off" "off" "" "off" "assertion" "" "wssec-replace" "authentication+attribute" "bearer" "on" "" "" "" "off" "off" "off" "" "0" "AllHTTP" "" "on" "off" "iv-creds" "0" "off" "" "off" "mc-output" "" "" "" "" "as-is-string" "" "" "proxy" "" "" "off" "" + log-allowed + log-allowed-level info + log-rejected + log-rejected-level warn + no ping-identity-compatibility + dos-valve 3 + ldap-version v2 + enforce-actor-role + dyn-config none +exit + +%endif% + +%if% available "wsm-stylepolicy" + +wsm-stylepolicy "default" + summary "Default Processing Policy" + filter "store:///filter-reject-all.xsl" + xsldefault "store:///identity.xsl" +exit + +%endif% + +%if% available "audit-log-settings" + +audit-log-settings + admin-state enabled + size 1000 + rotate 3 + audit-level standard +exit + +%endif% + +%if% available "smtp-server-connection" + +smtp-server-connection "default" + summary "Default SMTP Server Connection" + server-host smtp + server-port 25 + auth plain + ssl-client-type proxy +exit + +%endif% + +%if% available "b2b-persistence" + +b2b-persistence + admin-state disabled + raid-volume raid0 + storage-size 1024 + no ha-enabled + ha-other-hosts "" "1320" + ha-local-ip 0.0.0.0 + ha-local-port 1320 +exit + +%endif% + +crypto + +%if% available "sshdomainclientprofile" + +sshdomainclientprofile + no ciphers + admin-state enabled + ciphers CHACHA20-POLY1305_AT_OPENSSH.COM + ciphers AES128-CTR + ciphers AES192-CTR + ciphers AES256-CTR + ciphers AES128-GCM_AT_OPENSSH.COM + ciphers AES256-GCM_AT_OPENSSH.COM + ciphers ARCFOUR256 + ciphers ARCFOUR128 + ciphers AES128-CBC + ciphers 3DES-CBC + ciphers BLOWFISH-CBC + ciphers CAST128-CBC + ciphers AES192-CBC + ciphers AES256-CBC + ciphers ARCFOUR + ciphers RIJNDAEL-CBC_AT_LYSATOR.LIU.SE +exit + +%endif% + +exit + +crypto + +%if% available "sshserverprofile" + +sshserverprofile + no ciphers + admin-state enabled + ciphers CHACHA20-POLY1305_AT_OPENSSH.COM + ciphers AES128-CTR + ciphers AES192-CTR + ciphers AES256-CTR + ciphers AES128-GCM_AT_OPENSSH.COM + ciphers AES256-GCM_AT_OPENSSH.COM + ciphers ARCFOUR256 + ciphers ARCFOUR128 + ciphers AES128-CBC + ciphers 3DES-CBC + ciphers BLOWFISH-CBC + ciphers CAST128-CBC + ciphers AES192-CBC + ciphers AES256-CBC + ciphers ARCFOUR + ciphers RIJNDAEL-CBC_AT_LYSATOR.LIU.SE + enable-legacy-kex no +exit + +%endif% + +exit + +%if% available "domain-availability" + +domain-availability + admin-state disabled +exit + +%endif% + +%if% available "iop-mgmt" + +iop-mgmt + admin-state disabled + http-service + http-ip-address 0.0.0.0 + http-port 9990 + no https-service + https-ip-address 0.0.0.0 + https-port 9991 + ssl-config-type server +exit + +%endif% + +%if% available "nfs-client" + +nfs-client + admin-state disabled + mount-refresh-time 10 +exit + +%endif% + +%if% available "nfs-dynamic-mounts" + +nfs-dynamic-mounts + admin-state disabled + version 3 + transport tcp + mount-type hard + no read-only + rsize 4096 + wsize 4096 + timeo 7 + retrans 3 + inactivity-timeout 900 + mount-timeout 30 +exit + +%endif% + +%if% available "odr" + +odr + admin-state disabled +exit + +%endif% + +%if% available "quota-enforcement-server" + +quota-enforcement-server + admin-state enabled + server-port 16379 + monitor-port 26379 + no enable-peer-group + enable-ssl + priority 100 + strict-mode +exit + +%endif% + +%if% available "secure-mode" + +secure-mode + admin-state enabled +exit + +%endif% + +xml-mgmt + admin-state "enabled" + local-address "0.0.0.0" "5550" + no ws-management + slm-peering 10 + mode "any+soma+v2004+amp+slm+wsrr-subscription" + ssl-config-type server +exit + +rest-mgmt + admin-state "disabled" + local-address "0.0.0.0" "5554" + ssl-config-type server +exit + +%if% available "b2b-viewer-mgmt" + +b2b-viewer-mgmt + admin-state "disabled" + local-address "0.0.0.0" "9091" + idle-timeout 600 + ssl-config-type proxy +exit + +%endif% + +%if% available "save-config overwrite" + +save-config overwrite + +%endif% + +web-mgmt + admin-state "disabled" + local-address "0.0.0.0" "9090" + save-config-overwrite + idle-timeout 600 + ssl-config-type server +exit + +%if% available "slm-action" + +slm-action "notify" + type log-only + log-priority warn +exit + +slm-action "shape" + type shape + log-priority debug +exit + +slm-action "throttle" + type reject + log-priority debug +exit + +%endif% + +no statistics + +exec config:///auto-user.cfg + +%if% available "wsm-agent" + +wsm-agent + admin-state disabled + max-records 3000 + max-memory 64000 + capture-mode faults + buffer-mode discard + no mediation-enforcement-metrics + push-interval 100 + push-priority normal +exit + +%endif% + +failure-notification + admin-state "enabled" + no upload-report + no use-smtp + internal-state + no ffdc packet-capture + no ffdc event-log + no ffdc memory-trace + no always-on-startup + always-on-shutdown + protocol ftp + report-history 5 +exit + +%if% isfile temporary:///backtrace +save error-report +%endif% + diff --git a/datapower/src/drouter/config/auto-user.cfg b/datapower/src/drouter/config/auto-user.cfg new file mode 100644 index 0000000..1c7e2a0 --- /dev/null +++ b/datapower/src/drouter/config/auto-user.cfg @@ -0,0 +1,13 @@ +top; configure terminal; + +# configuration generated Tue Nov 8 06:00:38 2016; firmware version 281259 + +%if% available "user" + +user "admin" + summary "Administrator" + password-hashed "$1$12345678$kbapHduhihjieYIUP66Xt/" + access-level privileged +exit + +%endif% diff --git a/datapower/src/drouter/config/reset-password.cfg b/datapower/src/drouter/config/reset-password.cfg new file mode 100644 index 0000000..52a6443 --- /dev/null +++ b/datapower/src/drouter/config/reset-password.cfg @@ -0,0 +1,13 @@ +# When the password should be set to something random, +# we will have reset-password-imp.cfg. So if reset-password-imp.cfg +# exists, then the password will be reset and the imp will be removed. +# +# Otherwise, this is a noop. +# +# This config is referenced by an include-config in auto-startup.cfg. +top; config + +%if% isfile config:///reset-password-imp.cfg +exec config:///reset-password-imp.cfg +%endif% + diff --git a/datapower/src/start.sh b/datapower/src/start.sh new file mode 100755 index 0000000..c3c6f28 --- /dev/null +++ b/datapower/src/start.sh @@ -0,0 +1,26 @@ +#!/bin/sh +# This is rather like run-parts. The purpose of this script is +# to call separate scriptlets that each generate some DataPower +# configuration. Once all the DataPower configuration is generated, +# then it exec's drouter. + +set -x + +if [ "x${DATAPOWER_ACCEPT_LICENSE}x" != "xtruex" ]; then + exit 0 +fi + +# Ensure all the DATAPOWER_ env vars are available to drouter. +export $(env | grep ^DATAPOWER_ | cut -d= -f1) + +# source each of the scriptlets ala run-parts: +for f in $(find /start -type f -name \*.sh ! -name .\*) +do + echo "Processing $f" + . "$f" + set -x + echo +done + +# exec drouter with all orig args +exec /bin/drouter "$@" diff --git a/datapower/src/start/debug.sh b/datapower/src/start/debug.sh new file mode 100644 index 0000000..b8d859d --- /dev/null +++ b/datapower/src/start/debug.sh @@ -0,0 +1,69 @@ +#!/bin/sh + +if [ ! -z "$DEBUG" ] +then + # Have the DEBUG env var from Docker + # This means we want the log level to be set to debug in both default and foo + tee /drouter/config/debug.cfg <<-EOF + # DEBUG log is enabled + top; co + logging target "debug-log" + type file + priority normal + soap-version soap11 + format text + timestamp zulu + no fixed-format + size 10000 + local-file "logtemp:///debug-log" + archive-mode rotate + rotate 4 + no ansi-color + facility user + rate-limit 100 + connect-timeout 60 + idle-timeout 15 + active-timeout 0 + no feedback-detection + no event-detection + suppression-period 10 + ssl-client-type proxy + event "all" "debug" + exit + EOF + tee /drouter/config/foo/debug.cfg <<-EOF + # DEBUG log is enabled + top; co + logging target "debug-log" + type file + priority normal + soap-version soap11 + format text + timestamp zulu + no fixed-format + size 10000 + local-file "logtemp:///debug-log" + archive-mode rotate + rotate 4 + no ansi-color + facility user + rate-limit 100 + connect-timeout 60 + idle-timeout 15 + active-timeout 0 + no feedback-detection + no event-detection + suppression-period 10 + ssl-client-type proxy + event "all" "debug" + exit + EOF +else + # The DEBUG env var is not set in Docker; use loglevel info + tee /drouter/config/debug.cfg <<-EOF + # DEBUG log is not enabled + EOF + tee /drouter/config/foo/debug.cfg <<-EOF + # DEBUG log is not enabled + EOF +fi diff --git a/datapower/src/start/loadbalancer-group.sh b/datapower/src/start/loadbalancer-group.sh new file mode 100644 index 0000000..6c58768 --- /dev/null +++ b/datapower/src/start/loadbalancer-group.sh @@ -0,0 +1,25 @@ +#!/bin/sh + +{ + cat <<-EOF + top; co + + loadbalancer-group lbg-backend + reset + EOF + + ( env | grep '^[a-zA-Z0-9_-]*_PORT_8080_TCP_ADDR' | cut -d= -f2- ; nslookup backend | sed -n -e '/^$/,$p' | awk '/^Address /{print $4}'; ) \ + | while read ADDR + do + echo " server $ADDR 1 8080 enabled" + done + + cat <<-EOF + exit + + xml-manager default + loadbalancer-group lbg-backend + exit + EOF +} | tee /drouter/config/foo/loadbalancer-group.cfg + diff --git a/datapower/src/start/reset-password.sh b/datapower/src/start/reset-password.sh new file mode 100644 index 0000000..6379114 --- /dev/null +++ b/datapower/src/start/reset-password.sh @@ -0,0 +1,19 @@ +#!/bin/sh +# If DP_RESET_PASSWORD=true, then set the admin password to one which is +# random and automatically generated. Note that the password for 'admin' +# is already persisted as standard config, and that password is the one +# we'll use for development. But when we deploy we do *not* want a well- +# known password to exist. Therefore we will reset it. + +rm -f /drouter/config/reset-password-imp.cfg + +if [ "$DP_RESET_PASSWORD" = "true" ] +then + tee /drouter/config/reset-password-imp.cfg <<- EOF + top; co + user admin + password "$(tr -dc a-zA-Z0-9 < /dev/urandom | head -c 12)" + exit + delete config:///reset-password-imp.cfg + EOF +fi diff --git a/datapower/src/start/vbox-inotify-workaround.sh b/datapower/src/start/vbox-inotify-workaround.sh new file mode 100755 index 0000000..07d9b55 --- /dev/null +++ b/datapower/src/start/vbox-inotify-workaround.sh @@ -0,0 +1,25 @@ +#!/bin/sh +# +# Work around the VBox/Docker Toolbox inotify bug [1] by disabling +# GatewayScript Cache. Note that if we had XSL, we would want +# to disable caches for that too. +# +# [1] https://www.virtualbox.org/ticket/10660 + +rm -f /drouter/config/vbox-inotify-workaround.cfg + +if [ "$DP_VBOX_INOTIFY" = "true" ] +then + tee /drouter/config/vbox-inotify-workaround.cfg <<-EOF + # Working around https://www.virtualbox.org/ticket/10660 + # by disabling gatewayscript cache + # We only do this when using GatewayScript with Docker + # volumes when we expect to modify the GatewayScript itself + # and want the changes to be immediately recognized. + top; diag; set-gatewayscript-cache disable; top; config + EOF +else + tee /drouter/config/vbox-inotify-workaround.cfg <<-EOF + # No need to work around https://www.virtualbox.org/ticket/10660 + EOF +fi diff --git a/datapower/src/start/web-mgmt.sh b/datapower/src/start/web-mgmt.sh new file mode 100644 index 0000000..ba4bc13 --- /dev/null +++ b/datapower/src/start/web-mgmt.sh @@ -0,0 +1,22 @@ +{ + if [ "$DP_WEB_MGMT" = "true" ] + then + cat <<-EOF + top; co + + web-mgmt + reset + admin enabled + idle-timeout 0 + exit + EOF + else + cat <<-EOF + top; co + + web-mgmt + admin disabled + exit + EOF + fi +} | tee /drouter/config/web-mgmt.cfg diff --git a/docker-compose-microgateway.yaml b/docker-compose-microgateway.yaml new file mode 100644 index 0000000..d220251 --- /dev/null +++ b/docker-compose-microgateway.yaml @@ -0,0 +1,128 @@ +version: '2' + +services: + make-ssh-keys: + build: config-ssh-keys + container_name: make-ssh-keys + volumes: + - config_ssh_keys:/keys:rw + + esmaster: + build: elasticsearch-master + container_name: esmaster + networks: + - ibmnet + volumes: + - es_data:/usr/share/elasticsearch/data + + apim: + image: ibmcom/apiconnect:manager-${APIC_VERSION} + mem_limit: 2048m + volumes: + - apim_ihvar:/ihvar + - apim_wip:/wip + - config_ssh_keys:/keys:ro + environment: + - MANAGEMENT_CLUSTER_HOST=apim + - PORTAL_PRIVATE_KEY=/keys/portal + - PORTAL_PUBLIC_KEY=/keys/portal.pub + - PORTAL_LB=ibmportal + - ES_HOST=esmaster + - ES_PORT=9500 + - SMTP_HOST + - SMTP_PORT + - SMTP_USERNAME + - SMTP_PASSWORD + - SMTP_SENDER + - LOGSTASH_HOST=ibmlogstash + - ACCEPT_LICENSE + container_name: apim + networks: + - ibmnet + depends_on: + - make-ssh-keys + - esmaster + + ibmportal: + image: ibmcom/apiconnect:portal-${APIC_VERSION} + environment: + - PORTAL_LB=ibmportal + - PORTAL_PUBLIC_KEY=/keys/portal.pub + - APIC_HOST=apim + - SMTP_HOST + - SMTP_PORT + - SMTP_USERNAME + - SMTP_PASSWORD + - SMTP_SENDER + - ACCEPT_LICENSE + volumes: + - ibmportal_var:/var + - ibmportal_etc:/etc + - config_ssh_keys:/keys:ro + container_name: ibmportal + depends_on: + - make-ssh-keys + - apim + networks: + - ibmnet + + microgateway: + build: microgateway + environment: + - APIC_HOST=apim + container_name: microgateway + volumes: + - config_ssh_keys:/keys:ro + depends_on: + - make-ssh-keys + - apim + networks: + - ibmnet + + microservice: + build: microservice + container_name: microservice + networks: + - ibmnet + + logstash: + image: ibmcom/apiconnect:logstash-${APIC_VERSION} + environment: + - ES_HOST=esmaster + - MGMT_HOST=apim + - DB_HOST=apim + - ACCEPT_LICENSE + networks: + - ibmnet + container_name: ibmlogstash + depends_on: + - apim + - esmaster + + nginx: + build: sni-proxy + environment: + - PORTAL_DNS=ibmportal + - APIM_DNS=apim + - GATEWAY_DNS=microgateway + ports: + - "443:443" + container_name: nginx + depends_on: + - ibmportal + - microgateway + - apim + networks: + - ibmnet + +volumes: + config_ssh_keys: + apim_ihvar: + apim_wip: + ibmportal_var: + ibmportal_etc: + es_data: + +networks: + ibmnet: + diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..ba7f893 --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,122 @@ +version: '2' + +services: + make-ssh-keys: + build: config-ssh-keys + container_name: make-ssh-keys + volumes: + - config_ssh_keys:/keys:rw + + esmaster: + build: elasticsearch-master + container_name: esmaster + networks: + - ibmnet + volumes: + - es_data:/usr/share/elasticsearch/data + + datapower: + build: datapower + container_name: datapower + networks: + - ibmnet + environment: + - DATAPOWER_ACCEPT_LICENSE=$ACCEPT_LICENSE + + apim: + image: ibmcom/apiconnect:manager-${APIC_VERSION} + mem_limit: 2048m + volumes: + - apim_ihvar:/ihvar + - apim_wip:/wip + - config_ssh_keys:/keys:ro + environment: + - MANAGEMENT_CLUSTER_HOST=apim + - PORTAL_PRIVATE_KEY=/keys/portal + - PORTAL_PUBLIC_KEY=/keys/portal.pub + - PORTAL_LB=ibmportal + - ES_HOST=esmaster + - ES_PORT=9500 + - SMTP_HOST + - SMTP_PORT + - SMTP_USERNAME + - SMTP_PASSWORD + - SMTP_SENDER + - LOGSTASH_HOST=ibmlogstash + - ACCEPT_LICENSE + container_name: apim + networks: + - ibmnet + depends_on: + - make-ssh-keys + - esmaster + + ibmportal: + image: ibmcom/apiconnect:portal-${APIC_VERSION} + environment: + - PORTAL_LB=ibmportal + - PORTAL_PUBLIC_KEY=/keys/portal.pub + - APIC_HOST=apim + - SMTP_HOST + - SMTP_PORT + - SMTP_USERNAME + - SMTP_PASSWORD + - SMTP_SENDER + - ACCEPT_LICENSE + volumes: + - ibmportal_var:/var + - ibmportal_etc:/etc + - config_ssh_keys:/keys:ro + container_name: ibmportal + depends_on: + - make-ssh-keys + - apim + networks: + - ibmnet + + microservice: + build: microservice + container_name: microservice + networks: + - ibmnet + + logstash: + image: ibmcom/apiconnect:logstash-${APIC_VERSION} + environment: + - ES_HOST=esmaster + - MGMT_HOST=apim + - DB_HOST=apim + - ACCEPT_LICENSE + networks: + - ibmnet + container_name: ibmlogstash + depends_on: + - apim + - esmaster + + nginx: + build: sni-proxy + environment: + - PORTAL_DNS=ibmportal + - APIM_DNS=apim + - GATEWAY_DNS=datapower + ports: + - "443:443" + container_name: nginx + depends_on: + - ibmportal + - datapower + - apim + networks: + - ibmnet + +volumes: + config_ssh_keys: + apim_ihvar: + apim_wip: + ibmportal_var: + ibmportal_etc: + es_data: + +networks: + ibmnet: diff --git a/elasticsearch-master/Dockerfile b/elasticsearch-master/Dockerfile new file mode 100644 index 0000000..7a466e1 --- /dev/null +++ b/elasticsearch-master/Dockerfile @@ -0,0 +1,5 @@ +FROM elasticsearch:2.4.1 +ADD config/master /usr/share/elasticsearch/config +VOLUME /usr/share/elasticsearch/data +USER elasticsearch +CMD elasticsearch diff --git a/elasticsearch-master/config/master/elasticsearch.yml b/elasticsearch-master/config/master/elasticsearch.yml new file mode 100644 index 0000000..90e7160 --- /dev/null +++ b/elasticsearch-master/config/master/elasticsearch.yml @@ -0,0 +1,8 @@ +cluster.name: "APIC" +#node.master: "true" +#node.data: "false" +#node.client: "false" +#discovery.zen.ping.multicast.enabled: "true" +network.host: "0.0.0.0" +transport.tcp.port: 9600 +http.port: 9500 diff --git a/elasticsearch-master/config/master/logging.yml b/elasticsearch-master/config/master/logging.yml new file mode 100644 index 0000000..4bb678f --- /dev/null +++ b/elasticsearch-master/config/master/logging.yml @@ -0,0 +1,17 @@ +es.logger.level: INFO +rootLogger: ${es.logger.level}, console, file +logger: +action: TRACE +appender: +console: +type: console +layout: +type: consolePattern +conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" +file: +type: dailyRollingFile +file: ${path.logs}/${cluster.name}.log +datePattern: "'.'yyyy-MM-dd" +layout: +type: pattern +conversionPattern: "[%d{ISO8601}][%-5p][%-25c] %m%n" diff --git a/microgateway/Dockerfile b/microgateway/Dockerfile new file mode 100644 index 0000000..d8f89fb --- /dev/null +++ b/microgateway/Dockerfile @@ -0,0 +1,29 @@ +FROM node:4-slim + +# Create pull config directory +RUN mkdir -p /usr/src/set-config +COPY set-config/* /usr/src/set-config/ +RUN npm install --prefix /usr/src/set-config + + +# Create app directory +RUN mkdir -p /usr/src/app && \ + apt update && \ + apt install -y jq && \ + rm -rf /var/lib/apt/lists/* +WORKDIR /usr/src/app + +# Install microgateway +RUN npm install --silent -g npm && \ + npm install --silent microgateway && \ + npm install --silent microgateway && \ + mkdir -p /usr/src/app/node_modules/microgateway/config/default + +# Bundle app source +COPY *.yaml /usr/src/app/node_modules/microgateway + +COPY *.sh /usr/bin/ +RUN chmod +x /usr/bin/app.sh +ENV NODE_ENV production +CMD [ "/bin/sh", "-c", "/usr/bin/app.sh config && /usr/bin/app.sh start && /usr/bin/app.sh wait" ] + diff --git a/microgateway/app.sh b/microgateway/app.sh new file mode 100755 index 0000000..98aa14d --- /dev/null +++ b/microgateway/app.sh @@ -0,0 +1,115 @@ +#!/bin/bash -e + +startApp() { + waitForApimReady + if [ $(check) -eq 0 ]; then + return; + fi + + cd /usr/src/app/node_modules/microgateway + node . & + echo $! > /tmp/app.pid +} + +stopApp() { + if [ -f /tmp/app.pid ]; then + kill `cat /tmp/app.pid` + rm /tmp/app.pid + fi +} + +restartApp() { + touch /tmp/app.restart + stopApp + startApp + rm /tmp/app.restart +} + +updateConfig() { + cd /usr/src/app/node_modules/microgateway + if [ ! -f id_rsa ]; then + cp /keys/microgw id_rsa + fi + if [ ! -f id_rsa.pub ]; then + cp /keys/microgw.pub id_rsa.pub + fi + node /usr/src/set-config/index.js +} + + +check() { + if [ -f /tmp/app.restart ]; then + echo 0; + return; + fi + + if [ ! -f /tmp/app.pid ]; then + echo 1; + return; + fi + + PID=$(cat /tmp/app.pid) + if [ ! -d /proc/$PID ]; then + echo 1; + else + echo 0; + fi +} + +waitApp() { + while [ $(check) -eq 0 ]; do + sleep 1; + done +} + +checkApp() { + exit $(check) +} + +waitForApimReady() { + SECONDS=0 + if [[ -n "$APIC_HOST" ]] + then + echo "Waiting for $APIC_HOST to be ready ..." + wget -q --no-check-certificate https://$APIC_HOST/v1/portal/config?originURL=https://__impossible_url__ -O - && WGETRC=$? || WGETRC=$? + while [[ "$WGETRC" -ne 0 ]] + do + sleep 5 + echo "Waiting for $APIC_HOST to be ready ($(elapsed)) ..." + wget -q --no-check-certificate https://$APIC_HOST/v1/portal/config?originURL=https://__impossible_url__ -O - && WGETRC=$? || WGETRC=$? + done + fi +} + +elapsed() { + local DUR=$SECONDS + local MIN=$((DUR / 60)) + local SEC=$((DUR % 60)) + echo ${MIN}m${SEC}s +} + +case "$1" in + start) + startApp + ;; + stop) + stopApp + ;; + restart) + restartApp + ;; + wait) + waitApp + ;; + config) + updateConfig + ;; + check) + checkApp + ;; + *) + echo "start | stop | restart | wait | check | config" + exit 1 +esac + +exit 0 diff --git a/microgateway/env.yaml b/microgateway/env.yaml new file mode 100644 index 0000000..cc1c0cd --- /dev/null +++ b/microgateway/env.yaml @@ -0,0 +1,6 @@ +APIMANAGER_PORT: "443" +APIMANAGER: "apim" +PORT: "443" +APIC_LOG_FILE_LEVEL: "debug" +APIC_LOG_CONSOLE_LEVEL: "info" +DATASTORE_PORT: "8000" diff --git a/microgateway/set-config/LICENSE.txt b/microgateway/set-config/LICENSE.txt new file mode 100755 index 0000000..b452cd8 --- /dev/null +++ b/microgateway/set-config/LICENSE.txt @@ -0,0 +1,2694 @@ +NOTICE + +This document includes License Information documents below for multiple Programs. Each License Information document identifies the Program(s) to which it applies. Only those License Information documents for the Program(s) for which Licensee has acquired entitlements apply. + + +============================================== + + +LICENSE INFORMATION + +The Programs listed below are licensed under the following License Information terms and conditions in addition to the Program license terms previously agreed to by Client and IBM. If Client does not have previously agreed to license terms in effect for the Program, the International Program License Agreement (Z125-3301-14) applies. + +Program Name: IBM API Connect Essentials Edition V5.0 +Program Number: 5725-Z22 + +As described in the International Program License Agreement ("IPLA") and this License Information, IBM grants Licensee a limited right to use the Program. This right is limited to the level of Authorized Use, such as a Processor Value Unit ("PVU"), a Resource Value Unit ("RVU"), a Value Unit ("VU"), or other specified level of use, paid for by Licensee as evidenced in the Proof of Entitlement. Licensee's use may also be limited to a specified machine, or only as a Supporting Program, or subject to other restrictions. As Licensee has not paid for all of the economic value of the Program, no other use is permitted without the payment of additional fees. In addition, Licensee is not authorized to use the Program to provide commercial IT services to any third party, to provide commercial hosting or timesharing, or to sublicense, rent, or lease the Program unless expressly provided for in the applicable agreements under which Licensee obtains authorizations to use the Program. Additional rights may be available to Licensee subject to the payment of additional fees or under different or supplementary terms. IBM reserves the right to determine whether to make such additional rights available to Licensee. + +Program's specifications can be found in the collective Description and Technical Information sections of the Program's Announcement Letters. + +Supporting Programs + +The Program is licensed as a multi-product package and includes the Supporting Programs identified below. Licensee is authorized to install and use such Supporting Programs only to support Licensee's use of the Principal Program under this Agreement and within the limits of the Proofs of Entitlement for the Program (unless broader rights are provided elsewhere in this License Information document). The phrase "to support Licensee's use" would include only those uses that are necessary or otherwise directly related to a licensed use of the Principal Program or another Supporting Program. The Supporting Programs may not be used for any other purpose. Licensee is not authorized to transfer or remarket the Supporting Programs separate from the Principal Program. A Supporting Program may be accompanied by license terms, and those terms, if any, apply to Licensee's use of that Supporting Program. In the event of conflict, the terms in this License Information document supersede the Supporting Program's terms. When Licensee's right to use the Program expires or terminates, Licensee must discontinue use, destroy or promptly return all copies of the Supporting Programs to the party from whom Licensee acquired the Program. If Licensee downloaded the Supporting Programs, Licensee should contact the party from whom Licensee acquired the Program. If Licensee wishes to license the Supporting Programs for any use beyond the limits set forth above, please contact an IBM Sales Representative or the party from whom Licensee acquired the Program to obtain the appropriate license. + +The following are Supporting Programs licensed with the Program: +IBM WebSphere DataPower Option for Application Optimization V7.5 +WebSphere Application Server Liberty Core V8.5.5 +API Connect Create for Node.js V5.0 +IBM HTTP Server + +Separately Licensed Code + +The provisions of this paragraph do not apply to the extent they are held to be invalid or unenforceable under the law that governs this license. Each of the components listed below is considered "Separately Licensed Code". IBM Separately Licensed Code is licensed to Licensee under the terms of the applicable third party license agreement(s) set forth in the NON_IBM_LICENSE file(s) that accompanies the Program. Notwithstanding any of the terms in the Agreement, or any other agreement Licensee may have with IBM, the terms of such third party license agreement(s) governs Licensee's use of all Separately Licensed Code unless otherwise noted below. + +Future Program updates or fixes may contain additional Separately Licensed Code. Such additional Separately Licensed Code and related licenses are listed in another NON_IBM_LICENSE file that accompanies the Program update or fix. Licensee acknowledges that Licensee has read and agrees to the license agreements contained in the NON_IBM_LICENSE file(s). If Licensee does not agree to the terms of these third party license agreements, Licensee may not use the Separately Licensed Code. + +For Programs acquired under the International Program License Agreement ("IPLA") or International Program License Agreement for Non Warranted Program ("ILAN") and Licensee is the original licensee of the Program, if Licensee does not agree with the third party license agreements, Licensee may return the Program in accordance with the terms of, and within the specified time frames stated in, the "Money-back Guarantee" section of the IPLA or ILAN IBM Agreement. + +Note: Notwithstanding any of the terms in the third party license agreement, the Agreement, or any other agreement Licensee may have with IBM: +(a) IBM provides this Separately Licensed Code to Licensee WITHOUT WARRANTIES OF ANY KIND; +(b) IBM DISCLAIMS ANY AND ALL EXPRESS AND IMPLIED WARRANTIES AND CONDITIONS INCLUDING, BUT NOT LIMITED TO, THE WARRANTY OF TITLE, NON-INFRINGEMENT OR INTERFERENCE AND THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO THE SEPARATELY LICENSED CODE; +(c) IBM is not liable to Licensee, and will not defend, indemnify, or hold Licensee harmless for any claims arising from or related to the Separately Licensed Code; and +(d) IBM is not liable for any direct, indirect, incidental, special, exemplary, punitive or consequential damages including, but not limited to, lost data, lost savings, and lost profits, with respect to the Separately Licensed Code. + +Notwithstanding these exclusions, in Germany and Austria, IBM's warranty and liability for the Separately Licensed Code is governed only by the respective terms applicable for Germany and Austria in IBM license agreements. + +Note: IBM may provide limited support for some Separately Licensed Code. If such support is available, the details and any additional terms related to such support will be set forth in the License Information document. + +The following are Separately Licensed Code: +acl +acpi +acpid +acpi-support +adaptivetheme (drupal) +addressfield (drupal) +AddToAny (drupal) +AddToAny (drupal) +adduser +admin_menu (drupal) +adminimal_admin_menu (drupal) +adminimal_theme (drupal) +advagg (drupal) +Advanced Forum (drupal) +Advanced syslog (drupal) +alpha_pagination +alsa-lib +angular.js/images/logo +Ansible +apt +aptitude +aptitude-common +apt-utils +at +AT Tools (drupal) +atk +attr +audit +augeas +autogen +Automated Logout (drupal) +avahi +base-files +base-lsb +base-passwd +bash +bc +Bean (drupal) +Bean (drupal) +better_exposed_filters (drupal... +binary_heap.js +bind +bind9-host +binutils +Block Class (drupal) +Block Class Styles (drupal) +BOA +bridge-utils +busybox +c3p0 +ca-certificates +cairo +cairo-spice +caniuse-db(node) +CAPTCHA (Drupal) +cdrkit +chain_menu_access +chkconfig +commons.wikimedia +compat-gcc-32 +config.guess +ConsoleKit +console-setup +content_access (drupal) +context (drupal) +coreutils +cpio +cron +cronie +crontabs +cryptsetup-luks +csync2 +CTools (drupal) +CTools (drupal) +cups +cvs +d3 (drupal) +dash +dbus +dbus-glib +debian-archive-keyring +debianutils +desktop-file-utils +device-mapper-multipath +dialog +dictionaries-common +diffutils +discover +dmidecode +dmsetup +dnsmasq +dpkg +dracut +drbd83-kmod +drbd83-utils +Drupal +Drupal +drupal_helpers (drupal) +drush_language (drupal) +e2fslibs +e2fsprogs +ebtables +ed +eggdbus +eject +ejectorseat (drupal) +elfutils +entity (drupal) +Entity API (drupal) +Entity API (drupal) +Entity Reference (drupal) +ethtool +FAQ (drupal) +faq.html +Farbtastic +ffmpeg-spice +field_group (drupal) +filesystem +findutils +Fivestar (drupal) +Flag (Drupal) +Flag (Drupal) +flood_control +follow +Font Awesome4.1.0 +Font-Awesome +forum_access +forum_access +frameprevention (drupal) +gamin +gawk +gcc +gcc-4.7-base +gdb +gdbm +geoip-database +gettext +gettext-base +git +git-core +git-man +glib2 +glibc +gmp +GNU Libtool +gnupg +gnutls +gpgv +gpm +gpxe +grep +groff +groff-base +Group (drupal) +grub +grub2-common +grubby +grub-common +grub-pc +grub-pc-bin +gtfs +gtk2 +gzip +Hibernate +hicolor-icon-theme +hide_submit (Drupal) +Hierachical Select (Drupal) +hierarchical_select +hierarchical_select (drupal) +hostname +Htmlmail (drupal) +httprl (drupal) +hwdata +hybridauth (drupal) +hybridauth library +i18n (drupal) +ifupdown +igb-kmod +Image CAPTCHA Refresh (drupal) +Images +IMCE +IMCE (drupal) +imce_wysiwyg +imce_wysiwyg (drupal) +index-debug.html +info +initramfs-tools +initscripts +insserv +installation-report +install-info +iproute +iptables +iputils-ping +ipvsadm +irqbalance +iscsi-initiator-utils +iso-codes +ixgbe-kmod +jq +jQuery Update (drupal) +JSONSelect site +kbd +kernel +kexec-tools +keyboard-configuration +keyutils +klibc-utils +kmod +l10n_update +l10n_update (drupal) +LDAP (drupal) +LDAP (drupal) +legal (drupal) +less +libacl1 +libaio +libapt-inst1.5 +libapt-pkg4.12 +libart_lgpl +libasprintf0c2 +libasyncns +libattr1 +libblkid1 +libbz2-1.0 +libc6 +libcap2 +libcap-ng +libc-bin +libcgroup +libclass-isa-perl +libcmpiutil +libcomerr2 +libcwidget3 +libdb5.1 +libdbd-mysql-perl +libdbi-perl +libdevmapper1.02.1 +libdevmapper-event1.02.1 +libdiscover2 +libept1.4.12 +liberror-perl +libev4 +libfile-copy-recursive-perl +libfreetype6 +libfuse2 +libgcc1 +libgcrypt +libgcrypt11 +libgd2-xpm +libgdbm3 +libgeoip1 +libgnutls2 +libgnutls-openssl27 +libgpg-error +libgpg-error0 +libhtml-template-perl +libidn +libidn11 +libkeyutils1 +libklibc +libkmod2 +liblocale-gettext-perl +libltdl7 +liblzma5 +libmariadbclient18 +libmcrypt4 +libmount1 +libmverbs +libmysqlclient18 +libnewt0.52 +libnfnetlink0 +libnih +libnl +libp11-kit0 +libpam0g +libpam-modules +libpam-modules-bin +libpam-runtime +libpci3 +libpipeline1 +libpng12-0 +libpopt0 +libprocps0 +libqdbm14 +Libraries API (drupal) +libreadline5 +libreadline6 +librsync1 +librtmp0 +libsasl2-2 +libsasl2-modules +libselinux1 +libsemanage1 +libsemanage-common +libsepol +libsepol1 +libsigc++-2.0-0c2a +libsigsegv2 +libslang2 +libsndfile +libss2 +libstdc++6 +libswitch-perl +libt +libtasn1 +libtasn1-3 +libtext-charwidth-perl +libtext-iconv-perl +libtext-wrapi18n-perl +libthai +libtool +libudev0 +libusb +libusb-0.1-4 +libuser +libustr-1.0-1 +libutempter +libuuid1 +libuuid-perl +libvirt +libvirt-cim +libxapian22 +linkchecker (drupal) +linkchecker (drupal) +linkit +linkit (drupal) +linkit_picker +linkit_picker (drupal) +linux-base +linux-image-3.2.0 +lksctp-tools +lm_sensors +locales +login +logrotate +lsb-base +lsb-release +lsof +lsyncd +lvm2 +lzo +lzop +m4 +Mailsystem (drupal) +make +MAKEDEV +man +man-db +manpages +mariadb-client-5.5 +mariadb-client-core-5.5 +mariadb-common +mariadb-galera-server +mariadb-galera-server-5.5 +markdown (drupal) +material-design-icons +material-design-icons-iconfont +mawk +mdadm +megaraid_sas-kmod +menu_item_visibility (drupal) +menu_item_visibility (drupal) +messaging (drupal) +metatag (drupal) +microcode_ctl +mime-support +mingetty +module-init-tools +mount +mptlinux-kmod +multiarch-support +mysql +mysql-common +nano +netbase +netcat-traditional +netcf +net-tools +newt +nfs-utils +nginx +nginx-common +nginx-full +nmap +no_autocomplete (drupal) +node_clone (drupal) +notifications (drupal) +notifications_forum (drupal) +nss-pam-ldapd +numactl +numad +ocfs2-tools +ofa_kernel +OpenIPMI +openssh-blacklist +openssh-blacklist-extra +openssh-client +openssh-server +oprofile +os-prober +pam +pam_ldap +Panels (drupal) +Panels (drupal) +pango +parted +passwd +Password policy (drupal) +patch +Pathologic (drupal) +PCD +pciutils +percona-xtrabackup +Percona-XtraDB-Cluster +perl +perl-base +perl-modules +PHP SAML2 +phpmailer +PHPMailer (drupal) +pkgconfig +pkg-config +plymouth +pm-utils +polkit +portreserve +prelink +procmail +procps +psmisc +pulseaudio +python +python2.7 +python2.7-minimal +python-apt +python-apt-common +python-gnupginterface +python-minimal +python-pycurl +python-software-properties +python-support +qemu-kvm +readline +readline-common +restrict_by_ip (drupal) +restws (drupal) +rng-tools +rpm +rsync +rsyslog +Rules_http_client (drupal) +scsi-target-utils +seabios +search_autocomplete (drupal) +search_config (drupal) +search404 (drupal) +seckit (drupal) +security_questions (drupal) +sed +seek-bzip +sensible-utils +session_limit (drupal) +sgml-base +shadow-utils +shared-mime-info +sharutils +Simple Dialog +simplesamlphp +simplesamlphp_auth (drupal) +site_test (drupal) +site_test_helpers (drupal) +slang +slick (drupal) +slick_extras (drupal) +slick_views (drupal) +socat +SPDX specification +spdx-exceptions(Node)1.0.3 +spdx-exceptions(Node)1.0.4 +spdx-exceptions(Node)1.0.5 +spdx-expression-parse (node) +spice-server +sshpass +ssmtp +StatsD (drupal) +stickynav (drupal) +Support Ticketing System (drupal) +swig +sysfsutils +syslog-ng +sysstat +sysvinit +sysvinit-utils +sysv-rc +TagCloud (drupal) +tar +tar-static +tasksel +tasksel-data +taxonomy_menu +taxonomy_menu (drupal) +taxonomy_menu_block (drupal) +texinfo +tfa +tfa (drupal) +tfa_basic +tfa_basic (drupal) +time +tinyMCE +tmpreaper +Token (Drupal) +traceroute +Translation helpers (drupal) +transliteration (drupal) +trustedgrub +tunctl +Twitter Timeline (drupal) +ucf +udev +Ulimate Cron (Drupal) +Ulimate Cron (Drupal) +unattended-upgrades +underscore.js (drupal) +unixODBC +update-inetd +upstart +user_pwreset_timeout (Drupal) +util-linux +util-linux-locales +util-linux-ng +Variable (drupal) +vgabios +Views (drupal) +Views_bulk_operations (drupal) +views_send (drupal) +vim +Voting API (drupal) +VPPR (drupal) +wget +which +whiptail +workbench (drupal) +workbench_moderation (drupal) +Wysiwig (drupal) +xautoload (drupal) +xml-core +xmlto +xpath.js +xtrabackup +xz +xz-utils + +Benchmarking + +Licensee may disclose the results of any benchmark test of the Program or its subcomponents to any third party provided that Licensee (A) publicly discloses the complete methodology used in the benchmark test (for example, hardware and software setup, installation procedure and configuration files), (B) performs Licensee's benchmark testing running the Program in its Specified Operating Environment using the latest applicable updates, patches and fixes available for the Program from IBM or third parties that provide IBM products ("Third Parties"), and (C) follows any and all performance tuning and "best practices" guidance available in the Program's documentation and on IBM's support web sites for the Program. If Licensee publishes the results of any benchmark tests for the Program, then notwithstanding anything to the contrary in any agreement between Licensee and IBM or Third Parties, IBM and Third Parties will have the right to publish the results of benchmark tests with respect to Licensee's products provided IBM or Third Parties complies with the requirements of (A), (B) and (C) above in its testing of Licensee's products. + +Notwithstanding the foregoing, under no circumstances may Licensee publish the results of benchmark tests run on Oracle Outside In Technology without prior written permission. + +The above benchmarking terms apply to the following Programs or subcomponents: +IBM Connect V5.0 + +Source Components and Sample Materials + +The Program may include some components in source code form ("Source Components") and other materials identified as Sample Materials. Licensee may copy and modify Source Components and Sample Materials for internal use only provided such use is within the limits of the license rights under this Agreement, provided however that Licensee may not alter or delete any copyright information or notices contained in the Source Components or Sample Materials. IBM provides the Source Components and Sample Materials without obligation of support and "AS IS", WITH NO WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTY OF TITLE, NON-INFRINGEMENT OR NON-INTERFERENCE AND THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + +Processor Value Unit (PVU) + +Processor Value Unit (PVU) is a unit of measure by which the Program can be licensed. The number of PVU entitlements required is based on the processor technology (defined within the PVU Table by Processor Vendor, Brand, Type and Model Number at http://www.ibm.com/software/lotus/passportadvantage/pvu_licensing_for_customers.html) and the number of processors made available to the Program. IBM continues to define a processor, for the purpose of PVU-based licensing, to be each processor core on a chip. A dual-core processor chip, for example, has two processor cores. + +Licensee can deploy the Program using either Full Capacity licensing or Virtualization Capacity (Sub-Capacity) licensing according to the Passport Advantage Sub-Capacity Licensing Terms (see webpage below). If using Full Capacity licensing, Licensee must obtain PVU entitlements sufficient to cover all activated processor cores* in the physical hardware environment made available to or managed by the Program, except for those servers from which the Program has been permanently removed. If using Virtualization Capacity licensing, Licensee must obtain entitlements sufficient to cover all activated processor cores made available to or managed by the Program, as defined according to the Virtualization Capacity License Counting Rules at http://www.ibm.com/software/lotus/passportadvantage/Counting_Software_licenses_using_specific_virtualization_technologies.html. + +* An Activated processor core is a processor core that is available for use in a physical or virtual server, regardless of whether the capacity of the processor core can be or is limited through virtualization technologies, operating system commands, BIOS settings, or similar restrictions. + +Program-unique Terms + +Licensee is prohibited from invoking more than fifty thousand (50,000) API Calls per month. + +API Call is the invocation of the Program via a programmable interface. + +Advanced Connectors can only be used for Development. + +Licensee's use of Developer Portal and API Manager is limited to a maximum of one (1) Install. + +Licensee's use of MicroGateway is limited to a maximum of one (1) Install per Catalog. + +An Install is an installed copy of the Program on a physical or virtual disk made available to be executed on a computer. + +A Catalog is a staging target, and behaves as a logical partition of the MicroGateway and the Developer Portal. + +The Program may collect information from Licensee's users concerning their user experience, which is used to enhance the Program and make recommendations about ways your users can enhance their experience. Licensee's users have the ability to decide whether to share this information with IBM. + +Supporting Program Details + +API Connect Create for Node.js +Entitlement: 300 PVUs +Licensee's right to use API Connect Create for Node.js is not restricted to 300 PVUs if deployed for Development and Functional Testing. + +Processor Value Unit (PVU) is a unit of measure by which the Program can be licensed. The number of PVU entitlements required is based on the processor technology (defined within the PVU Table by Processor Vendor, Brand, Type and Model Number at http://www.ibm.com/software/lotus/passportadvantage/pvu_licensing_for_customers.html) and the number of processors made available to the Program. IBM continues to define a processor, for the purpose of PVU-based licensing, to be each processor core on a chip. A dual-core processor chip, for example, has two processor cores. + +"Development" means that the Program can only be deployed as part of Licensee's internal development and unit testing environments. Licensee is not authorized to use the Program for testing, quality assurance activity, testing scalability of any code, application or system, internal benchmarking, staging, production workloads, or simulating production workloads. Licensee is not authorized to use any part of the Program for any other purposes without acquiring the appropriate non-production or production entitlements. + + +L/N: L-CLIG-AD7QWQ +D/N: L-CLIG-AD7QWQ +P/N: L-CLIG-AD7QWQ + + + +============================================== + + +LICENSE INFORMATION + +The Programs listed below are licensed under the following License Information terms and conditions in addition to the Program license terms previously agreed to by Client and IBM. If Client does not have previously agreed to license terms in effect for the Program, the International Program License Agreement (Z125-3301-14) applies. + +Program Name: IBM API Connect Professional Edition V5.0 +Program Number: 5725-Z22 + +Program Name: IBM API Connect Professional Non Production V5.0 +Program Number: 5725-Z22 + +As described in the International Program License Agreement ("IPLA") and this License Information, IBM grants Licensee a limited right to use the Program. This right is limited to the level of Authorized Use, such as a Processor Value Unit ("PVU"), a Resource Value Unit ("RVU"), a Value Unit ("VU"), or other specified level of use, paid for by Licensee as evidenced in the Proof of Entitlement. Licensee's use may also be limited to a specified machine, or only as a Supporting Program, or subject to other restrictions. As Licensee has not paid for all of the economic value of the Program, no other use is permitted without the payment of additional fees. In addition, Licensee is not authorized to use the Program to provide commercial IT services to any third party, to provide commercial hosting or timesharing, or to sublicense, rent, or lease the Program unless expressly provided for in the applicable agreements under which Licensee obtains authorizations to use the Program. Additional rights may be available to Licensee subject to the payment of additional fees or under different or supplementary terms. IBM reserves the right to determine whether to make such additional rights available to Licensee. + +Program's specifications can be found in the collective Description and Technical Information sections of the Program's Announcement Letters. + +Supporting Programs + +The Program is licensed as a multi-product package and includes the Supporting Programs identified below. Licensee is authorized to install and use such Supporting Programs only to support Licensee's use of the Principal Program under this Agreement and within the limits of the Proofs of Entitlement for the Program (unless broader rights are provided elsewhere in this License Information document). The phrase "to support Licensee's use" would include only those uses that are necessary or otherwise directly related to a licensed use of the Principal Program or another Supporting Program. The Supporting Programs may not be used for any other purpose. Licensee is not authorized to transfer or remarket the Supporting Programs separate from the Principal Program. A Supporting Program may be accompanied by license terms, and those terms, if any, apply to Licensee's use of that Supporting Program. In the event of conflict, the terms in this License Information document supersede the Supporting Program's terms. When Licensee's right to use the Program expires or terminates, Licensee must discontinue use, destroy or promptly return all copies of the Supporting Programs to the party from whom Licensee acquired the Program. If Licensee downloaded the Supporting Programs, Licensee should contact the party from whom Licensee acquired the Program. If Licensee wishes to license the Supporting Programs for any use beyond the limits set forth above, please contact an IBM Sales Representative or the party from whom Licensee acquired the Program to obtain the appropriate license. + +The following are Supporting Programs licensed with the Program: +Application Optimization Module for IBM DataPower Gateway V7.5 +WebSphere Application Server Liberty Core V8.5.5 +API Connect Create for Node.js V5.0 +IBM HTTP Server + +Non-Production Limitation + +If the Program is designated as "Non-Production", the Program can only be deployed as part of the Licensee's internal development and test environment for internal non-production activities, including but not limited to testing, performance tuning, fault diagnosis, internal benchmarking, staging, quality assurance activity and/or developing internally used additions or extensions to the Program using published application programming interfaces. Licensee is not authorized to use any part of the Program for any other purposes without acquiring the appropriate production entitlements. + +Separately Licensed Code + +The provisions of this paragraph do not apply to the extent they are held to be invalid or unenforceable under the law that governs this license. Each of the components listed below is considered "Separately Licensed Code". IBM Separately Licensed Code is licensed to Licensee under the terms of the applicable third party license agreement(s) set forth in the NON_IBM_LICENSE file(s) that accompanies the Program. Notwithstanding any of the terms in the Agreement, or any other agreement Licensee may have with IBM, the terms of such third party license agreement(s) governs Licensee's use of all Separately Licensed Code unless otherwise noted below. + +Future Program updates or fixes may contain additional Separately Licensed Code. Such additional Separately Licensed Code and related licenses are listed in another NON_IBM_LICENSE file that accompanies the Program update or fix. Licensee acknowledges that Licensee has read and agrees to the license agreements contained in the NON_IBM_LICENSE file(s). If Licensee does not agree to the terms of these third party license agreements, Licensee may not use the Separately Licensed Code. + +For Programs acquired under the International Program License Agreement ("IPLA") or International Program License Agreement for Non Warranted Program ("ILAN") and Licensee is the original licensee of the Program, if Licensee does not agree with the third party license agreements, Licensee may return the Program in accordance with the terms of, and within the specified time frames stated in, the "Money-back Guarantee" section of the IPLA or ILAN IBM Agreement. + +Note: Notwithstanding any of the terms in the third party license agreement, the Agreement, or any other agreement Licensee may have with IBM: +(a) IBM provides this Separately Licensed Code to Licensee WITHOUT WARRANTIES OF ANY KIND; +(b) IBM DISCLAIMS ANY AND ALL EXPRESS AND IMPLIED WARRANTIES AND CONDITIONS INCLUDING, BUT NOT LIMITED TO, THE WARRANTY OF TITLE, NON-INFRINGEMENT OR INTERFERENCE AND THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO THE SEPARATELY LICENSED CODE; +(c) IBM is not liable to Licensee, and will not defend, indemnify, or hold Licensee harmless for any claims arising from or related to the Separately Licensed Code; and +(d) IBM is not liable for any direct, indirect, incidental, special, exemplary, punitive or consequential damages including, but not limited to, lost data, lost savings, and lost profits, with respect to the Separately Licensed Code. + +Notwithstanding these exclusions, in Germany and Austria, IBM's warranty and liability for the Separately Licensed Code is governed only by the respective terms applicable for Germany and Austria in IBM license agreements. + +Note: IBM may provide limited support for some Separately Licensed Code. If such support is available, the details and any additional terms related to such support will be set forth in the License Information document. + +The following are Separately Licensed Code: +acl +acpi +acpid +acpi-support +adaptivetheme (drupal) +addressfield (drupal) +AddToAny (drupal) +adduser +admin_menu (drupal) +adminimal_admin_menu (drupal) +adminimal_theme (drupal) +advagg (drupal) +Advanced Forum (drupal) +Advanced syslog (drupal) +alpha_pagination +alsa-lib +angular.js/images/logo +apt +aptitude +aptitude-common +apt-utils +at +AT Tools (drupal) +atk +attr +audit +augeas +autogen +Automated Logout (drupal) +avahi +base-files +base-lsb +base-passwd +bash +bc +Bean (drupal) +better_exposed_filters (drupal... +binary_heap.js +bind +bind9-host +binutils +Block Class (drupal) +Block Class Styles (drupal) +BOA +Book access (drupal) +bridge-utils +busybox +c3p0 +ca-certificates +cairo +cairo-spice +caniuse-db(node) +CAPTCHA (Drupal) +cdrkit +chain_menu_access +chkconfig +commons.wikimedia +compat-gcc-32 +config.guess +ConsoleKit +console-setup +content_access (drupal) +context (drupal) +coreutils +cpio +cron +cronie +crontabs +cryptsetup-luks +csync2 +CTools (drupal) +cups +cvs +d3 (drupal) +dash +dbus +dbus-glib +debian-archive-keyring +debianutils +desktop-file-utils +device-mapper-multipath +dialog +dictionaries-common +diffutils +discover +dmidecode +dmsetup +dnsmasq +dpkg +dracut +drbd83-kmod +drbd83-utils +Drupal +drupal_helpers (drupal) +drush_language (drupal) +e2fslibs +e2fsprogs +ebtables +ed +eggdbus +eject +ejectorseat (drupal) +elasticsearch_connector (drupal) +elfutils +entity (drupal) +Entity API (drupal) +Entity Translation (drupal) +ethtool +FAQ (drupal) +faq.html +Farbtastic +ffmpeg-spice +filesystem +findutils +Fivestar (drupal) +Flag (Drupal) +flood_control +follow +Font Awesome4.1.0 +Font-Awesome +forum_access +frameprevention (drupal) +gamin +gawk +gcc +gcc-4.7-base +gdb +gdbm +geoip-database +gettext +gettext-base +git +git-core +git-man +glib2 +glibc +gmp +GNU Libtool +gnupg +gnutls +gpgv +gpm +gpxe +grep +groff +groff-base +Group (drupal) +grub +grub2-common +grubby +grub-common +grub-pc +grub-pc-bin +gtfs +gtk2 +gzip +Hibernate +hicolor-icon-theme +hide_submit (Drupal) +Hierachical Select (Drupal) +hierarchical_select +hierarchical_select (drupal) +highlightjs +hostname +Htmlmail (drupal) +httprl (drupal) +hwdata +hybridauth (drupal) +hybridauth library +i18n (drupal) +ifupdown +igb-kmod +Image CAPTCHA Refresh (drupal) +Images +IMCE +IMCE (drupal) +imce_wysiwyg +imce_wysiwyg (drupal) +index-debug.html +info +initramfs-tools +initscripts +insserv +installation-report +install-info +iproute +iptables +iputils-ping +ipvsadm +irqbalance +iscsi-initiator-utils +iso-codes +ixgbe-kmod +jq +jQuery Update (drupal) +JSONSelect site +kbd +kernel +kexec-tools +keyboard-configuration +keyutils +klibc-utils +kmod +l10n_update +l10n_update (drupal) +LDAP (drupal) +legal (drupal) +less +libacl1 +libaio +libapt-inst1.5 +libapt-pkg4.12 +libart_lgpl +libasprintf0c2 +libasyncns +libattr1 +libblkid1 +libbz2-1.0 +libc6 +libcap2 +libcap-ng +libc-bin +libcgroup +libclass-isa-perl +libcmpiutil +libcomerr2 +libcwidget3 +libdb5.1 +libdbd-mysql-perl +libdbi-perl +libdevmapper1.02.1 +libdevmapper-event1.02.1 +libdiscover2 +libept1.4.12 +liberror-perl +libev4 +libfile-copy-recursive-perl +libfreetype6 +libfuse2 +libgcc1 +libgcrypt +libgcrypt11 +libgd2-xpm +libgdbm3 +libgeoip1 +libgnutls2 +libgnutls-openssl27 +libgpg-error +libgpg-error0 +libhtml-template-perl +libidn +libidn11 +libkeyutils1 +libklibc +libkmod2 +liblocale-gettext-perl +libltdl7 +liblzma5 +libmariadbclient18 +libmcrypt4 +libmount1 +libmverbs +libmysqlclient18 +libnewt0.52 +libnfnetlink0 +libnih +libnl +libp11-kit0 +libpam0g +libpam-modules +libpam-modules-bin +libpam-runtime +libpci3 +libpipeline1 +libpng12-0 +libpopt0 +libprocps0 +libqdbm14 +Libraries API (drupal) +libreadline5 +libreadline6 +librsync1 +librtmp0 +libsasl2-2 +libsasl2-modules +libselinux1 +libsemanage1 +libsemanage-common +libsepol +libsepol1 +libsigc++-2.0-0c2a +libsigsegv2 +libslang2 +libsndfile +libss2 +libstdc++6 +libswitch-perl +libt +libtasn1 +libtasn1-3 +libtext-charwidth-perl +libtext-iconv-perl +libtext-wrapi18n-perl +libthai +libtool +libudev0 +libusb +libusb-0.1-4 +libuser +libustr-1.0-1 +libutempter +libuuid1 +libuuid-perl +libvirt +libvirt-cim +libxapian22 +linkchecker (drupal) +linkit +linkit (drupal) +linkit_picker +linkit_picker (drupal) +linux-base +linux-image-3.2.0 +lksctp-tools +lm_sensors +locales +login +logrotate +lsb-base +lsb-release +lsof +lsyncd +lvm2 +lzo +lzop +m4 +Mailsystem (drupal) +make +MAKEDEV +man +man-db +manpages +mariadb-client-5.5 +mariadb-client-core-5.5 +mariadb-common +mariadb-galera-server +mariadb-galera-server-5.5 +markdown (drupal) +material-design-icons +material-design-icons-iconfont +mawk +mdadm +megaraid_sas-kmod +menu_item_visibility (drupal) +messaging (drupal) +metatag (drupal) +microcode_ctl +mime-support +mingetty +module-init-tools +mount +mptlinux-kmod +multiarch-support +mysql +mysql-common +nano +netbase +netcat-traditional +netcf +net-tools +newt +nfs-utils +nginx +nginx-common +nginx-full +nmap +no_autocomplete (drupal) +node_clone (drupal) +notifications (drupal) +notifications_forum (drupal) +nss-pam-ldapd +numactl +numad +ocfs2-tools +ofa_kernel +OpenID Connect (drupal) +OpenIPMI +openssh-blacklist +openssh-blacklist-extra +openssh-client +openssh-server +oprofile +os-prober +pam +pam_ldap +Panels (drupal) +pango +parted +passwd +Password policy (drupal) +patch +Pathologic (drupal) +PCD +pciutils +percona-xtrabackup +Percona-XtraDB-Cluster +perl +perl-base +perl-modules +PHP SAML2 +phpmailer +PHPMailer (drupal) +pkgconfig +pkg-config +plymouth +pm-utils +polkit +portreserve +prelink +procmail +procps +psmisc +pulseaudio +python +python2.7 +python2.7-minimal +python-apt +python-apt-common +python-gnupginterface +python-minimal +python-pycurl +python-software-properties +python-support +qemu-kvm +readline +readline-common +restrict_by_ip (drupal) +restws (drupal) +rng-tools +rpm +rsync +rsyslog +Rules (drupal) +scsi-target-utils +seabios +search_autocomplete (drupal) +search_config (drupal) +search404 (drupal) +seckit (drupal) +security_questions (drupal) +sed +seek-bzip +sensible-utils +session_limit (drupal) +sgml-base +shadow-utils +shared-mime-info +sharutils +Simple Dialog +simplesamlphp +simplesamlphp_auth (drupal) +site_test (drupal) +site_test_helpers (drupal) +slang +slick (drupal) +slick_extras (drupal) +slick_views (drupal) +socat +SPDX specification +spdx-exceptions(Node)1.0.3 +spdx-exceptions(Node)1.0.4 +spdx-exceptions(Node)1.0.5 +spice-server +sshpass +ssmtp +StatsD (drupal) +stickynav (drupal) +Subform (drupal) +Support Ticketing System (drupal) +swig +sysfsutils +syslog-ng +sysstat +sysvinit +sysvinit-utils +sysv-rc +TagCloud (drupal) +tar +tar-static +tasksel +tasksel-data +taxonomy_menu +taxonomy_menu (drupal) +taxonomy_menu_block (drupal) +texinfo +tfa +tfa (drupal) +tfa_basic +tfa_basic (drupal) +time +tinyMCE +title (drupal) +Token (Drupal) +traceroute +Translation helpers (drupal) +transliteration (drupal) +trustedgrub +tunctl +Twitter Timeline (drupal) +ucf +udev +Ulimate Cron (Drupal) +unattended-upgrades +underscore.js (drupal) +unixODBC +update-inetd +upstart +user_pwreset_timeout (Drupal) +util-linux +util-linux-locales +util-linux-ng +Variable (drupal) +vgabios +Views (drupal) +Views_bulk_operations (drupal) +views_send (drupal) +vim +Voting API (drupal) +VPPR (drupal) +wget +which +whiptail +workbench (drupal) +workbench_moderation (drupal) +Wysiwig (drupal) +xautoload (drupal) +xml-core +xmlto +xtrabackup +xz +xz-utils + +Benchmarking + +Licensee may disclose the results of any benchmark test of the Program or its subcomponents to any third party provided that Licensee (A) publicly discloses the complete methodology used in the benchmark test (for example, hardware and software setup, installation procedure and configuration files), (B) performs Licensee's benchmark testing running the Program in its Specified Operating Environment using the latest applicable updates, patches and fixes available for the Program from IBM or third parties that provide IBM products ("Third Parties"), and (C) follows any and all performance tuning and "best practices" guidance available in the Program's documentation and on IBM's support web sites for the Program. If Licensee publishes the results of any benchmark tests for the Program, then notwithstanding anything to the contrary in any agreement between Licensee and IBM or Third Parties, IBM and Third Parties will have the right to publish the results of benchmark tests with respect to Licensee's products provided IBM or Third Parties complies with the requirements of (A), (B) and (C) above in its testing of Licensee's products. + +Notwithstanding the foregoing, under no circumstances may Licensee publish the results of benchmark tests run on Oracle Outside In Technology without prior written permission. + +The above benchmarking terms apply to the following Programs or subcomponents: +IBM API Connect V5.0 + +Source Components and Sample Materials + +The Program may include some components in source code form ("Source Components") and other materials identified as Sample Materials. Licensee may copy and modify Source Components and Sample Materials for internal use only provided such use is within the limits of the license rights under this Agreement, provided however that Licensee may not alter or delete any copyright information or notices contained in the Source Components or Sample Materials. IBM provides the Source Components and Sample Materials without obligation of support and "AS IS", WITH NO WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTY OF TITLE, NON-INFRINGEMENT OR NON-INTERFERENCE AND THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + +Processor Value Unit (PVU) + +Processor Value Unit (PVU) is a unit of measure by which the Program can be licensed. The number of PVU entitlements required is based on the processor technology (defined within the PVU Table by Processor Vendor, Brand, Type and Model Number at http://www.ibm.com/software/lotus/passportadvantage/pvu_licensing_for_customers.html) and the number of processors made available to the Program. IBM continues to define a processor, for the purpose of PVU-based licensing, to be each processor core on a chip. A dual-core processor chip, for example, has two processor cores. + +Licensee can deploy the Program using either Full Capacity licensing or Virtualization Capacity (Sub-Capacity) licensing according to the Passport Advantage Sub-Capacity Licensing Terms (see webpage below). If using Full Capacity licensing, Licensee must obtain PVU entitlements sufficient to cover all activated processor cores* in the physical hardware environment made available to or managed by the Program, except for those servers from which the Program has been permanently removed. If using Virtualization Capacity licensing, Licensee must obtain entitlements sufficient to cover all activated processor cores made available to or managed by the Program, as defined according to the Virtualization Capacity License Counting Rules at http://www.ibm.com/software/lotus/passportadvantage/Counting_Software_licenses_using_specific_virtualization_technologies.html. + +* An Activated processor core is a processor core that is available for use in a physical or virtual server, regardless of whether the capacity of the processor core can be or is limited through virtualization technologies, operating system commands, BIOS settings, or similar restrictions. + +General Charge Terms + +Monthly API Call is a unit of measure by which the Program can be licensed. An API Call is the invocation of the Program via a programmable interface. Sufficient entitlements must be obtained to cover the maximum number of API Calls in any calendar month. + + +Program-unique Terms + +Licensee's use of Developer Portal, API Manager and MicroGateway is limited to a Single Data Center. + +"Single Data Center" is defined as a large group of networked computer servers used for the remote storage, processing, or distribution of large amounts of data in a single physical location. + +For every PVU entitlement obtained and used to install the API Manager component of the Program, Licensee is entitled to an additional PVU entitlement to be used only for the API Connect Collective component of the Program. + +The Program may collect information from Licensee's users concerning their user experience, which is used to enhance the Program and make recommendations about ways your users can enhance their experience. Licensee's users have the ability to decide whether to share this information with IBM. + +Supporting Program Details + +If Licensee obtains the Program on Monthly API Call entitlements, the following restrictions apply: + +API Connect Create for Node.js +Entitlement: 600 PVUs if Licensee does not install WebSphere Application Server Liberty Core. If Licensee installs WebSphere Application Server Liberty Core, Licensee may only use a combined maximum of 600 PVUs for both API Connect Create for Node.js and WebSphere Application Server Liberty Core, but never more than 200 PVUs of WebSphere Application Server Liberty Core, as stated below. +Licensee's right to use API Connect Create for Node.js is not restricted if deployed for Development. + +WebSphere Application Server Liberty Core +Entitlement: 200 PVUs + +If Licensee obtains the Program on PVU entitlements, the following restrictions apply: + +API Connect Create for Node.js +Entitlement: Ratio 1 PVU / 1 PVU +Licensee's right to use API Connect Create for Node.js is not restricted if deployed for Development. + +WebSphere Application Server Liberty Core +Entitlement: 200 PVUs, except when used in support of MobileFirst Foundation Extension (licensed separately). Notwithstanding anything to the contrary in this Agreement, Licensee may use WebSphere Application Server Liberty Core in support of MobileFirst Foundation Extension up to the authorized PVU entitlements of the Principal Program. + +"Ratio n/m" means that Licensee receives some number ('n') entitlements of the indicated metric for the Supporting Program for every specified number ('m') entitlements of the specified metric for the Program as a whole. The specified ratio does not apply to any entitlements for the Program that are not of the required metric type. The number of entitlements for the Supporting Program is rounded up to a multiple of 'n'. For example, if a Program includes 100 PVUs for a Supporting Program for every 500 PVUs obtained of the Principal Program and Licensee acquires 1,200 PVUs of the Program, Licensee may install the Supporting Program and have processor cores available to or managed by it of up to 300 PVUs. Those PVUs would not need to be counted as part of the total PVU requirement for Licensee's installation of the Program on account of the installation of the Supporting Program (although those PVUs might need to be counted for other reasons, such as the processor cores being made available to other components of the Program, as well). + +"Development" means that the Program can only be deployed as part of Licensee's internal development and unit testing environments. Licensee is not authorized to use the Program for testing, quality assurance activity, testing scalability of any code, application or system, internal benchmarking, staging, production workloads, or simulating production workloads. Licensee is not authorized to use any part of the Program for any other purposes without acquiring the appropriate non-production or production entitlements. + + +L/N: L-CLIG-ACRLYG +D/N: L-CLIG-ACRLYG +P/N: L-CLIG-ACRLYG + + + +============================================== + + +LICENSE INFORMATION + +The Programs listed below are licensed under the following License Information terms and conditions in addition to the Program license terms previously agreed to by Client and IBM. If Client does not have previously agreed to license terms in effect for the Program, the International Program License Agreement (Z125-3301-14) applies. + +Program Name: IBM API Connect Enterprise Edition V5.0 +Program Number: 5725-Z22 + +Program Name: IBM API Connect Enterprise Non Production V5.0 +Program Number: 5725-Z22 + +As described in the International Program License Agreement ("IPLA") and this License Information, IBM grants Licensee a limited right to use the Program. This right is limited to the level of Authorized Use, such as a Processor Value Unit ("PVU"), a Resource Value Unit ("RVU"), a Value Unit ("VU"), or other specified level of use, paid for by Licensee as evidenced in the Proof of Entitlement. Licensee's use may also be limited to a specified machine, or only as a Supporting Program, or subject to other restrictions. As Licensee has not paid for all of the economic value of the Program, no other use is permitted without the payment of additional fees. In addition, Licensee is not authorized to use the Program to provide commercial IT services to any third party, to provide commercial hosting or timesharing, or to sublicense, rent, or lease the Program unless expressly provided for in the applicable agreements under which Licensee obtains authorizations to use the Program. Additional rights may be available to Licensee subject to the payment of additional fees or under different or supplementary terms. IBM reserves the right to determine whether to make such additional rights available to Licensee. + +Program's specifications can be found in the collective Description and Technical Information sections of the Program's Announcement Letters. + +Supporting Programs + +The Program is licensed as a multi-product package and includes the Supporting Programs identified below. Licensee is authorized to install and use such Supporting Programs only to support Licensee's use of the Principal Program under this Agreement and within the limits of the Proofs of Entitlement for the Program (unless broader rights are provided elsewhere in this License Information document). The phrase "to support Licensee's use" would include only those uses that are necessary or otherwise directly related to a licensed use of the Principal Program or another Supporting Program. The Supporting Programs may not be used for any other purpose. Licensee is not authorized to transfer or remarket the Supporting Programs separate from the Principal Program. A Supporting Program may be accompanied by license terms, and those terms, if any, apply to Licensee's use of that Supporting Program. In the event of conflict, the terms in this License Information document supersede the Supporting Program's terms. When Licensee's right to use the Program expires or terminates, Licensee must discontinue use, destroy or promptly return all copies of the Supporting Programs to the party from whom Licensee acquired the Program. If Licensee downloaded the Supporting Programs, Licensee should contact the party from whom Licensee acquired the Program. If Licensee wishes to license the Supporting Programs for any use beyond the limits set forth above, please contact an IBM Sales Representative or the party from whom Licensee acquired the Program to obtain the appropriate license. + +The following are Supporting Programs licensed with the Program: +IBM DataPower Gateway Virtual Edition V7.5 +Application Optimization Module for IBM DataPower Gateway V7.5 +WebSphere Application Server Liberty Core V8.5.5 +API Connect Create for Node.js V5.0 +IBM HTTP Server + +Non-Production Limitation + +If the Program is designated as "Non-Production", the Program can only be deployed as part of the Licensee's internal development and test environment for internal non-production activities, including but not limited to testing, performance tuning, fault diagnosis, internal benchmarking, staging, quality assurance activity and/or developing internally used additions or extensions to the Program using published application programming interfaces. Licensee is not authorized to use any part of the Program for any other purposes without acquiring the appropriate production entitlements. + +Separately Licensed Code + +The provisions of this paragraph do not apply to the extent they are held to be invalid or unenforceable under the law that governs this license. Each of the components listed below is considered "Separately Licensed Code". IBM Separately Licensed Code is licensed to Licensee under the terms of the applicable third party license agreement(s) set forth in the NON_IBM_LICENSE file(s) that accompanies the Program. Notwithstanding any of the terms in the Agreement, or any other agreement Licensee may have with IBM, the terms of such third party license agreement(s) governs Licensee's use of all Separately Licensed Code unless otherwise noted below. + +Future Program updates or fixes may contain additional Separately Licensed Code. Such additional Separately Licensed Code and related licenses are listed in another NON_IBM_LICENSE file that accompanies the Program update or fix. Licensee acknowledges that Licensee has read and agrees to the license agreements contained in the NON_IBM_LICENSE file(s). If Licensee does not agree to the terms of these third party license agreements, Licensee may not use the Separately Licensed Code. + +For Programs acquired under the International Program License Agreement ("IPLA") or International Program License Agreement for Non Warranted Program ("ILAN") and Licensee is the original licensee of the Program, if Licensee does not agree with the third party license agreements, Licensee may return the Program in accordance with the terms of, and within the specified time frames stated in, the "Money-back Guarantee" section of the IPLA or ILAN IBM Agreement. + +Note: Notwithstanding any of the terms in the third party license agreement, the Agreement, or any other agreement Licensee may have with IBM: +(a) IBM provides this Separately Licensed Code to Licensee WITHOUT WARRANTIES OF ANY KIND; +(b) IBM DISCLAIMS ANY AND ALL EXPRESS AND IMPLIED WARRANTIES AND CONDITIONS INCLUDING, BUT NOT LIMITED TO, THE WARRANTY OF TITLE, NON-INFRINGEMENT OR INTERFERENCE AND THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO THE SEPARATELY LICENSED CODE; +(c) IBM is not liable to Licensee, and will not defend, indemnify, or hold Licensee harmless for any claims arising from or related to the Separately Licensed Code; and +(d) IBM is not liable for any direct, indirect, incidental, special, exemplary, punitive or consequential damages including, but not limited to, lost data, lost savings, and lost profits, with respect to the Separately Licensed Code. + +Notwithstanding these exclusions, in Germany and Austria, IBM's warranty and liability for the Separately Licensed Code is governed only by the respective terms applicable for Germany and Austria in IBM license agreements. + +Note: IBM may provide limited support for some Separately Licensed Code. If such support is available, the details and any additional terms related to such support will be set forth in the License Information document. + +The following are Separately Licensed Code: +acl +acpi +acpid +acpi-support +adaptivetheme (drupal) +addressfield (drupal) +AddToAny (drupal) +AddToAny (drupal) +adduser +admin_menu (drupal) +adminimal_admin_menu (drupal) +adminimal_theme (drupal) +advagg (drupal) +Advanced Forum (drupal) +Advanced syslog (drupal) +alpha_pagination +alsa-lib +angular.js/images/logo +Ansible +apt +aptitude +aptitude-common +apt-utils +at +AT Tools (drupal) +atk +attr +audit +augeas +autogen +Automated Logout (drupal) +avahi +base-files +base-lsb +base-passwd +bash +bc +Bean (drupal) +Bean (drupal) +better_exposed_filters (drupal... +binary_heap.js +bind +bind9-host +binutils +Block Class (drupal) +Block Class Styles (drupal) +BOA +bridge-utils +busybox +c3p0 +ca-certificates +cairo +cairo-spice +caniuse-db(node) +CAPTCHA (Drupal) +cdrkit +chain_menu_access +chkconfig +commons.wikimedia +compat-gcc-32 +config.guess +ConsoleKit +console-setup +content_access (drupal) +context (drupal) +coreutils +cpio +cron +cronie +crontabs +cryptsetup-luks +csync2 +CTools (drupal) +CTools (drupal) +cups +cvs +d3 (drupal) +dash +dbus +dbus-glib +debian-archive-keyring +debianutils +desktop-file-utils +device-mapper-multipath +dialog +dictionaries-common +diffutils +discover +dmidecode +dmsetup +dnsmasq +dpkg +dracut +drbd83-kmod +drbd83-utils +Drupal +Drupal +drupal_helpers (drupal) +drush_language (drupal) +e2fslibs +e2fsprogs +ebtables +ed +eggdbus +eject +ejectorseat (drupal) +elfutils +entity (drupal) +Entity API (drupal) +Entity API (drupal) +Entity Reference (drupal) +ethtool +FAQ (drupal) +faq.html +Farbtastic +ffmpeg-spice +field_group (drupal) +filesystem +findutils +Fivestar (drupal) +Flag (Drupal) +Flag (Drupal) +flood_control +follow +Font Awesome4.1.0 +Font-Awesome +forum_access +forum_access +frameprevention (drupal) +gamin +gawk +gcc +gcc-4.7-base +gdb +gdbm +geoip-database +gettext +gettext-base +git +git-core +git-man +glib2 +glibc +gmp +GNU Libtool +gnupg +gnutls +gpgv +gpm +gpxe +grep +groff +groff-base +Group (drupal) +grub +grub2-common +grubby +grub-common +grub-pc +grub-pc-bin +gtfs +gtk2 +gzip +Hibernate +hicolor-icon-theme +hide_submit (Drupal) +Hierachical Select (Drupal) +hierarchical_select +hierarchical_select (drupal) +hostname +Htmlmail (drupal) +httprl (drupal) +hwdata +hybridauth (drupal) +hybridauth library +i18n (drupal) +ifupdown +igb-kmod +Image CAPTCHA Refresh (drupal) +Images +IMCE +IMCE (drupal) +imce_wysiwyg +imce_wysiwyg (drupal) +index-debug.html +info +initramfs-tools +initscripts +insserv +installation-report +install-info +iproute +iptables +iputils-ping +ipvsadm +irqbalance +iscsi-initiator-utils +iso-codes +ixgbe-kmod +jq +jQuery Update (drupal) +JSONSelect site +kbd +kernel +kexec-tools +keyboard-configuration +keyutils +klibc-utils +kmod +l10n_update +l10n_update (drupal) +LDAP (drupal) +LDAP (drupal) +legal (drupal) +less +libacl1 +libaio +libapt-inst1.5 +libapt-pkg4.12 +libart_lgpl +libasprintf0c2 +libasyncns +libattr1 +libblkid1 +libbz2-1.0 +libc6 +libcap2 +libcap-ng +libc-bin +libcgroup +libclass-isa-perl +libcmpiutil +libcomerr2 +libcwidget3 +libdb5.1 +libdbd-mysql-perl +libdbi-perl +libdevmapper1.02.1 +libdevmapper-event1.02.1 +libdiscover2 +libept1.4.12 +liberror-perl +libev4 +libfile-copy-recursive-perl +libfreetype6 +libfuse2 +libgcc1 +libgcrypt +libgcrypt11 +libgd2-xpm +libgdbm3 +libgeoip1 +libgnutls2 +libgnutls-openssl27 +libgpg-error +libgpg-error0 +libhtml-template-perl +libidn +libidn11 +libkeyutils1 +libklibc +libkmod2 +liblocale-gettext-perl +libltdl7 +liblzma5 +libmariadbclient18 +libmcrypt4 +libmount1 +libmverbs +libmysqlclient18 +libnewt0.52 +libnfnetlink0 +libnih +libnl +libp11-kit0 +libpam0g +libpam-modules +libpam-modules-bin +libpam-runtime +libpci3 +libpipeline1 +libpng12-0 +libpopt0 +libprocps0 +libqdbm14 +Libraries API (drupal) +libreadline5 +libreadline6 +librsync1 +librtmp0 +libsasl2-2 +libsasl2-modules +libselinux1 +libsemanage1 +libsemanage-common +libsepol +libsepol1 +libsigc++-2.0-0c2a +libsigsegv2 +libslang2 +libsndfile +libss2 +libstdc++6 +libswitch-perl +libt +libtasn1 +libtasn1-3 +libtext-charwidth-perl +libtext-iconv-perl +libtext-wrapi18n-perl +libthai +libtool +libudev0 +libusb +libusb-0.1-4 +libuser +libustr-1.0-1 +libutempter +libuuid1 +libuuid-perl +libvirt +libvirt-cim +libxapian22 +linkchecker (drupal) +linkchecker (drupal) +linkit +linkit (drupal) +linkit_picker +linkit_picker (drupal) +linux-base +linux-image-3.2.0 +lksctp-tools +lm_sensors +locales +login +logrotate +lsb-base +lsb-release +lsof +lsyncd +lvm2 +lzo +lzop +m4 +Mailsystem (drupal) +make +MAKEDEV +man +man-db +manpages +mariadb-client-5.5 +mariadb-client-core-5.5 +mariadb-common +mariadb-galera-server +mariadb-galera-server-5.5 +markdown (drupal) +material-design-icons +material-design-icons-iconfont +mawk +mdadm +megaraid_sas-kmod +menu_item_visibility (drupal) +menu_item_visibility (drupal) +messaging (drupal) +metatag (drupal) +microcode_ctl +mime-support +mingetty +module-init-tools +mount +mptlinux-kmod +multiarch-support +mysql +mysql-common +nano +netbase +netcat-traditional +netcf +net-tools +newt +nfs-utils +nginx +nginx-common +nginx-full +nmap +no_autocomplete (drupal) +node_clone (drupal) +notifications (drupal) +notifications_forum (drupal) +nss-pam-ldapd +numactl +numad +ocfs2-tools +ofa_kernel +OpenIPMI +openssh-blacklist +openssh-blacklist-extra +openssh-client +openssh-server +oprofile +os-prober +pam +pam_ldap +Panels (drupal) +Panels (drupal) +pango +parted +passwd +Password policy (drupal) +patch +Pathologic (drupal) +PCD +pciutils +percona-xtrabackup +Percona-XtraDB-Cluster +perl +perl-base +perl-modules +PHP SAML2 +phpmailer +PHPMailer (drupal) +pkgconfig +pkg-config +plymouth +pm-utils +polkit +portreserve +prelink +procmail +procps +psmisc +pulseaudio +python +python2.7 +python2.7-minimal +python-apt +python-apt-common +python-gnupginterface +python-minimal +python-pycurl +python-software-properties +python-support +qemu-kvm +readline +readline-common +restrict_by_ip (drupal) +restws (drupal) +rng-tools +rpm +rsync +rsyslog +Rules_http_client (drupal) +scsi-target-utils +seabios +search_autocomplete (drupal) +search_config (drupal) +search404 (drupal) +seckit (drupal) +security_questions (drupal) +sed +seek-bzip +sensible-utils +session_limit (drupal) +sgml-base +shadow-utils +shared-mime-info +sharutils +Simple Dialog +simplesamlphp +simplesamlphp_auth (drupal) +site_test (drupal) +site_test_helpers (drupal) +slang +slick (drupal) +slick_extras (drupal) +slick_views (drupal) +socat +SPDX specification +spdx-exceptions(Node)1.0.3 +spdx-exceptions(Node)1.0.4 +spdx-exceptions(Node)1.0.5 +spdx-expression-parse (node) +spice-server +sshpass +ssmtp +StatsD (drupal) +stickynav (drupal) +Support Ticketing System (drupal) +swig +sysfsutils +syslog-ng +sysstat +sysvinit +sysvinit-utils +sysv-rc +TagCloud (drupal) +tar +tar-static +tasksel +tasksel-data +taxonomy_menu +taxonomy_menu (drupal) +taxonomy_menu_block (drupal) +texinfo +tfa +tfa (drupal) +tfa_basic +tfa_basic (drupal) +time +tinyMCE +tmpreaper +Token (Drupal) +traceroute +Translation helpers (drupal) +transliteration (drupal) +trustedgrub +tunctl +Twitter Timeline (drupal) +ucf +udev +Ulimate Cron (Drupal) +Ulimate Cron (Drupal) +unattended-upgrades +underscore.js (drupal) +unixODBC +update-inetd +upstart +user_pwreset_timeout (Drupal) +util-linux +util-linux-locales +util-linux-ng +Variable (drupal) +vgabios +Views (drupal) +Views_bulk_operations (drupal) +views_send (drupal) +vim +Voting API (drupal) +VPPR (drupal) +wget +which +whiptail +workbench (drupal) +workbench_moderation (drupal) +Wysiwig (drupal) +xautoload (drupal) +xml-core +xmlto +xpath.js +xtrabackup +xz +xz-utils + +Benchmarking + +Licensee may disclose the results of any benchmark test of the Program or its subcomponents to any third party provided that Licensee (A) publicly discloses the complete methodology used in the benchmark test (for example, hardware and software setup, installation procedure and configuration files), (B) performs Licensee's benchmark testing running the Program in its Specified Operating Environment using the latest applicable updates, patches and fixes available for the Program from IBM or third parties that provide IBM products ("Third Parties"), and (C) follows any and all performance tuning and "best practices" guidance available in the Program's documentation and on IBM's support web sites for the Program. If Licensee publishes the results of any benchmark tests for the Program, then notwithstanding anything to the contrary in any agreement between Licensee and IBM or Third Parties, IBM and Third Parties will have the right to publish the results of benchmark tests with respect to Licensee's products provided IBM or Third Parties complies with the requirements of (A), (B) and (C) above in its testing of Licensee's products. + +Notwithstanding the foregoing, under no circumstances may Licensee publish the results of benchmark tests run on Oracle Outside In Technology without prior written permission. + +The above benchmarking terms apply to the following Programs or subcomponents: +IBM API Connect V5.0 + +Source Components and Sample Materials + +The Program may include some components in source code form ("Source Components") and other materials identified as Sample Materials. Licensee may copy and modify Source Components and Sample Materials for internal use only provided such use is within the limits of the license rights under this Agreement, provided however that Licensee may not alter or delete any copyright information or notices contained in the Source Components or Sample Materials. IBM provides the Source Components and Sample Materials without obligation of support and "AS IS", WITH NO WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTY OF TITLE, NON-INFRINGEMENT OR NON-INTERFERENCE AND THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. + +Processor Value Unit (PVU) + +Processor Value Unit (PVU) is a unit of measure by which the Program can be licensed. The number of PVU entitlements required is based on the processor technology (defined within the PVU Table by Processor Vendor, Brand, Type and Model Number at http://www.ibm.com/software/lotus/passportadvantage/pvu_licensing_for_customers.html) and the number of processors made available to the Program. IBM continues to define a processor, for the purpose of PVU-based licensing, to be each processor core on a chip. A dual-core processor chip, for example, has two processor cores. + +Licensee can deploy the Program using either Full Capacity licensing or Virtualization Capacity (Sub-Capacity) licensing according to the Passport Advantage Sub-Capacity Licensing Terms (see webpage below). If using Full Capacity licensing, Licensee must obtain PVU entitlements sufficient to cover all activated processor cores* in the physical hardware environment made available to or managed by the Program, except for those servers from which the Program has been permanently removed. If using Virtualization Capacity licensing, Licensee must obtain entitlements sufficient to cover all activated processor cores made available to or managed by the Program, as defined according to the Virtualization Capacity License Counting Rules at http://www.ibm.com/software/lotus/passportadvantage/Counting_Software_licenses_using_specific_virtualization_technologies.html. + +* An Activated processor core is a processor core that is available for use in a physical or virtual server, regardless of whether the capacity of the processor core can be or is limited through virtualization technologies, operating system commands, BIOS settings, or similar restrictions. + +General Charge Terms + +Monthly API Call is a unit of measure by which the Program can be licensed. An API Call is the invocation of the Program via a programmable interface. Sufficient entitlements must be obtained to cover the maximum number of API Calls in any calendar month. + + +Program-unique Terms + +For every PVU entitlement obtained and used to install the API Manager component of the Program, Licensee is entitled to an additional PVU entitlement to be used only for the API Connect Collective component of the Program. + +The Program may collect information from Licensee's users concerning their user experience, which is used to enhance the Program and make recommendations about ways your users can enhance their experience. Licensee's users have the ability to decide whether to share this information with IBM. + +Supporting Program Details + +If Licensee obtains the Program on Monthly API Call entitlements, the following restrictions apply: + +Entitlement: 1200 PVUs if Licensee does not install WebSphere Application Server Liberty Core. If Licensee installs WebSphere Application Server Liberty Core, Licensee may only use a combined maximum of 1200 PVUs for both API Connect Create for Node.js and WebSphere Application Server Liberty Core, but never more than 200 PVUs of WebSphere Application Server Liberty Core, as stated below. +Licensee's right to use API Connect Create for Node.js is not restricted if deployed for Development. + +WebSphere Application Server Liberty Core +Entitlement: 200 PVUs + +If Licensee obtains the Program on PVU entitlements, the following restrictions apply: +API Connect Create for Node.js +Entitlement: Ratio 1 PVU/1 PVU +Licensee's right to use API Connect Create for Node.js is not restricted if deployed for Development. + +WebSphere Application Server Liberty Core +Entitlement: 200 PVUs, except when used in support of MobileFirst Foundation Extension (licensed separately). Notwithstanding anything to the contrary in this Agreement, Licensee may use WebSphere Application Server Liberty Core in support of MobileFirst Foundation Extension up to the authorized PVU entitlements of the Principal Program. + +"Ratio n/m" means that Licensee receives some number ('n') entitlements of the indicated metric for the Supporting Program for every specified number ('m') entitlements of the specified metric for the Program as a whole. The specified ratio does not apply to any entitlements for the Program that are not of the required metric type. The number of entitlements for the Supporting Program is rounded up to a multiple of 'n'. For example, if a Program includes 100 PVUs for a Supporting Program for every 500 PVUs obtained of the Principal Program and Licensee acquires 1,200 PVUs of the Program, Licensee may install the Supporting Program and have processor cores available to or managed by it of up to 300 PVUs. Those PVUs would not need to be counted as part of the total PVU requirement for Licensee's installation of the Program on account of the installation of the Supporting Program (although those PVUs might need to be counted for other reasons, such as the processor cores being made available to other components of the Program, as well). + +"Development" means that the Program can only be deployed as part of Licensee's internal development and unit testing environments. Licensee is not authorized to use the Program for testing, quality assurance activity, testing scalability of any code, application or system, internal benchmarking, staging, production workloads, or simulating production workloads. Licensee is not authorized to use any part of the Program for any other purposes without acquiring the appropriate non-production or production entitlements. + + +L/N: L-CLIG-ACRLZQ +D/N: L-CLIG-ACRLZQ +P/N: L-CLIG-ACRLZQ + + + + + +International Program License Agreement + +Part 1 - General Terms + +BY DOWNLOADING, INSTALLING, COPYING, ACCESSING, CLICKING ON AN "ACCEPT" BUTTON, OR OTHERWISE USING THE PROGRAM, LICENSEE AGREES TO THE TERMS OF THIS AGREEMENT. IF YOU ARE ACCEPTING THESE TERMS ON BEHALF OF LICENSEE, YOU REPRESENT AND WARRANT THAT YOU HAVE FULL AUTHORITY TO BIND LICENSEE TO THESE TERMS. IF YOU DO NOT AGREE TO THESE TERMS, + +* DO NOT DOWNLOAD, INSTALL, COPY, ACCESS, CLICK ON AN "ACCEPT" BUTTON, OR USE THE PROGRAM; AND + +* PROMPTLY RETURN THE UNUSED MEDIA, DOCUMENTATION, AND PROOF OF ENTITLEMENT TO THE PARTY FROM WHOM IT WAS OBTAINED FOR A REFUND OF THE AMOUNT PAID. IF THE PROGRAM WAS DOWNLOADED, DESTROY ALL COPIES OF THE PROGRAM. + +1. Definitions + +"Authorized Use" - the specified level at which Licensee is authorized to execute or run the Program. That level may be measured by number of users, millions of service units ("MSUs"), Processor Value Units ("PVUs"), or other level of use specified by IBM. + +"IBM" - International Business Machines Corporation or one of its subsidiaries. + +"License Information" ("LI") - a document that provides information and any additional terms specific to a Program. The Program's LI is available at www.ibm.com/software/sla. The LI can also be found in the Program's directory, by the use of a system command, or as a booklet included with the Program. + +"Program" - the following, including the original and all whole or partial copies: 1) machine-readable instructions and data, 2) components, files, and modules, 3) audio-visual content (such as images, text, recordings, or pictures), and 4) related licensed materials (such as keys and documentation). + +"Proof of Entitlement" ("PoE") - evidence of Licensee's Authorized Use. The PoE is also evidence of Licensee's eligibility for warranty, future update prices, if any, and potential special or promotional opportunities. If IBM does not provide Licensee with a PoE, then IBM may accept as the PoE the original paid sales receipt or other sales record from the party (either IBM or its reseller) from whom Licensee obtained the Program, provided that it specifies the Program name and Authorized Use obtained. + +"Warranty Period" - one year, starting on the date the original Licensee is granted the license. + +2. Agreement Structure + +This Agreement includes Part 1 - General Terms, Part 2 - Country-unique Terms (if any), the LI, and the PoE and is the complete agreement between Licensee and IBM regarding the use of the Program. It replaces any prior oral or written communications between Licensee and IBM concerning Licensee's use of the Program. The terms of Part 2 may replace or modify those of Part 1. To the extent of any conflict, the LI prevails over both Parts. + +3. License Grant + +The Program is owned by IBM or an IBM supplier, and is copyrighted and licensed, not sold. + +IBM grants Licensee a nonexclusive license to 1) use the Program up to the Authorized Use specified in the PoE, 2) make and install copies to support such Authorized Use, and 3) make a backup copy, all provided that + +a. Licensee has lawfully obtained the Program and complies with the terms of this Agreement; + +b. the backup copy does not execute unless the backed-up Program cannot execute; + +c. Licensee reproduces all copyright notices and other legends of ownership on each copy, or partial copy, of the Program; + +d. Licensee ensures that anyone who uses the Program (accessed either locally or remotely) 1) does so only on Licensee's behalf and 2) complies with the terms of this Agreement; + +e. Licensee does not 1) use, copy, modify, or distribute the Program except as expressly permitted in this Agreement; 2) reverse assemble, reverse compile, otherwise translate, or reverse engineer the Program, except as expressly permitted by law without the possibility of contractual waiver; 3) use any of the Program's components, files, modules, audio-visual content, or related licensed materials separately from that Program; or 4) sublicense, rent, or lease the Program; and + +f. if Licensee obtains this Program as a Supporting Program, Licensee uses this Program only to support the Principal Program and subject to any limitations in the license to the Principal Program, or, if Licensee obtains this Program as a Principal Program, Licensee uses all Supporting Programs only to support this Program, and subject to any limitations in this Agreement. For purposes of this Item "f," a "Supporting Program" is a Program that is part of another IBM Program ("Principal Program") and identified as a Supporting Program in the Principal Program's LI. (To obtain a separate license to a Supporting Program without these restrictions, Licensee should contact the party from whom Licensee obtained the Supporting Program.) + +This license applies to each copy of the Program that Licensee makes. + +3.1 Trade-ups, Updates, Fixes, and Patches + +3.1.1 Trade-ups + +If the Program is replaced by a trade-up Program, the replaced Program's license is promptly terminated. + +3.1.2 Updates, Fixes, and Patches + +When Licensee receives an update, fix, or patch to a Program, Licensee accepts any additional or different terms that are applicable to such update, fix, or patch that are specified in its LI. If no additional or different terms are provided, then the update, fix, or patch is subject solely to this Agreement. If the Program is replaced by an update, Licensee agrees to promptly discontinue use of the replaced Program. + +3.2 Fixed Term Licenses + +If IBM licenses the Program for a fixed term, Licensee's license is terminated at the end of the fixed term, unless Licensee and IBM agree to renew it. + +3.3 Term and Termination + +This Agreement is effective until terminated. + +IBM may terminate Licensee's license if Licensee fails to comply with the terms of this Agreement. + +If the license is terminated for any reason by either party, Licensee agrees to promptly discontinue use of and destroy all of Licensee's copies of the Program. Any terms of this Agreement that by their nature extend beyond termination of this Agreement remain in effect until fulfilled, and apply to both parties' respective successors and assignees. + +4. Charges + +Charges are based on Authorized Use obtained, which is specified in the PoE. IBM does not give credits or refunds for charges already due or paid, except as specified elsewhere in this Agreement. + +If Licensee wishes to increase its Authorized Use, Licensee must notify IBM or an authorized IBM reseller in advance and pay any applicable charges. + +5. Taxes + +If any authority imposes on the Program a duty, tax, levy, or fee, excluding those based on IBM's net income, then Licensee agrees to pay that amount, as specified in an invoice, or supply exemption documentation. Licensee is responsible for any personal property taxes for the Program from the date that Licensee obtains it. If any authority imposes a customs duty, tax, levy, or fee for the import into or the export, transfer, access, or use of the Program outside the country in which the original Licensee was granted the license, then Licensee agrees that it is responsible for, and will pay, any amount imposed. + +6. Money-back Guarantee + +If Licensee is dissatisfied with the Program for any reason and is the original Licensee, Licensee may terminate the license and obtain a refund of the amount Licensee paid for the Program, provided that Licensee returns the Program and PoE to the party from whom Licensee obtained it within 30 days of the date the PoE was issued to Licensee. If the license is for a fixed term that is subject to renewal, then Licensee may obtain a refund only if the Program and its PoE are returned within the first 30 days of the initial term. If Licensee downloaded the Program, Licensee should contact the party from whom Licensee obtained it for instructions on how to obtain the refund. + +7. Program Transfer + +Licensee may transfer the Program and all of Licensee's license rights and obligations to another party only if that party agrees to the terms of this Agreement. If the license is terminated for any reason by either party, Licensee is prohibited from transferring the Program to another party. Licensee may not transfer a portion of 1) the Program or 2) the Program's Authorized Use. When Licensee transfers the Program, Licensee must also transfer a hard copy of this Agreement, including the LI and PoE. Immediately after the transfer, Licensee's license terminates. + +8. Warranty and Exclusions + +8.1 Limited Warranty + +IBM warrants that the Program, when used in its specified operating environment, will conform to its specifications. The Program's specifications, and specified operating environment information, can be found in documentation accompanying the Program (such as a read-me file) or other information published by IBM (such as an announcement letter). Licensee agrees that such documentation and other Program content may be supplied only in the English language, unless otherwise required by local law without the possibility of contractual waiver or limitation. + +The warranty applies only to the unmodified portion of the Program. IBM does not warrant uninterrupted or error-free operation of the Program, or that IBM will correct all Program defects. Licensee is responsible for the results obtained from the use of the Program. + +During the Warranty Period, IBM provides Licensee with access to IBM databases containing information on known Program defects, defect corrections, restrictions, and bypasses at no additional charge. Consult the IBM Software Support Handbook for further information at www.ibm.com/software/support. + +If the Program does not function as warranted during the Warranty Period and the problem cannot be resolved with information available in the IBM databases, Licensee may return the Program and its PoE to the party (either IBM or its reseller) from whom Licensee obtained it and receive a refund of the amount Licensee paid. After returning the Program, Licensee's license terminates. If Licensee downloaded the Program, Licensee should contact the party from whom Licensee obtained it for instructions on how to obtain the refund. + +8.2 Exclusions + +THESE WARRANTIES ARE LICENSEE'S EXCLUSIVE WARRANTIES AND REPLACE ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. SOME STATES OR JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF EXPRESS OR IMPLIED WARRANTIES, SO THE ABOVE EXCLUSION MAY NOT APPLY TO LICENSEE. IN THAT EVENT, SUCH WARRANTIES ARE LIMITED IN DURATION TO THE WARRANTY PERIOD. NO WARRANTIES APPLY AFTER THAT PERIOD. SOME STATES OR JURISDICTIONS DO NOT ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS, SO THE ABOVE LIMITATION MAY NOT APPLY TO LICENSEE. + +THESE WARRANTIES GIVE LICENSEE SPECIFIC LEGAL RIGHTS. LICENSEE MAY ALSO HAVE OTHER RIGHTS THAT VARY FROM STATE TO STATE OR JURISDICTION TO JURISDICTION. + +THE WARRANTIES IN THIS SECTION 8 (WARRANTY AND EXCLUSIONS) ARE PROVIDED SOLELY BY IBM. THE DISCLAIMERS IN THIS SUBSECTION 8.2 (EXCLUSIONS), HOWEVER, ALSO APPLY TO IBM'S SUPPLIERS OF THIRD PARTY CODE. THOSE SUPPLIERS PROVIDE SUCH CODE WITHOUT WARRANTIES OR CONDITION OF ANY KIND. THIS PARAGRAPH DOES NOT NULLIFY IBM'S WARRANTY OBLIGATIONS UNDER THIS AGREEMENT. + +9. Licensee Data and Databases + +To assist Licensee in isolating the cause of a problem with the Program, IBM may request that Licensee 1) allow IBM to remotely access Licensee's system or 2) send Licensee information or system data to IBM. However, IBM is not obligated to provide such assistance unless IBM and Licensee enter a separate written agreement under which IBM agrees to provide to Licensee that type of support, which is beyond IBM's warranty obligations in this Agreement. In any event, IBM uses information about errors and problems to improve its products and services, and assist with its provision of related support offerings. For these purposes, IBM may use IBM entities and subcontractors (including in one or more countries other than the one in which Licensee is located), and Licensee authorizes IBM to do so. + +Licensee remains responsible for 1) any data and the content of any database Licensee makes available to IBM, 2) the selection and implementation of procedures and controls regarding access, security, encryption, use, and transmission of data (including any personally-identifiable data), and 3) backup and recovery of any database and any stored data. Licensee will not send or provide IBM access to any personally-identifiable information, whether in data or any other form, and will be responsible for reasonable costs and other amounts that IBM may incur relating to any such information mistakenly provided to IBM or the loss or disclosure of such information by IBM, including those arising out of any third party claims. + +10. Limitation of Liability + +The limitations and exclusions in this Section 10 (Limitation of Liability) apply to the full extent they are not prohibited by applicable law without the possibility of contractual waiver. + +10.1 Items for Which IBM May Be Liable + +Circumstances may arise where, because of a default on IBM's part or other liability, Licensee is entitled to recover damages from IBM. Regardless of the basis on which Licensee is entitled to claim damages from IBM (including fundamental breach, negligence, misrepresentation, or other contract or tort claim), IBM's entire liability for all claims in the aggregate arising from or related to each Program or otherwise arising under this Agreement will not exceed the amount of any 1) damages for bodily injury (including death) and damage to real property and tangible personal property and 2) other actual direct damages up to the charges (if the Program is subject to fixed term charges, up to twelve months' charges) Licensee paid for the Program that is the subject of the claim. + +This limit also applies to any of IBM's Program developers and suppliers. It is the maximum for which IBM and its Program developers and suppliers are collectively responsible. + +10.2 Items for Which IBM Is Not Liable + +UNDER NO CIRCUMSTANCES IS IBM, ITS PROGRAM DEVELOPERS OR SUPPLIERS LIABLE FOR ANY OF THE FOLLOWING, EVEN IF INFORMED OF THEIR POSSIBILITY: + +a. LOSS OF, OR DAMAGE TO, DATA; + +b. SPECIAL, INCIDENTAL, EXEMPLARY, OR INDIRECT DAMAGES, OR FOR ANY ECONOMIC CONSEQUENTIAL DAMAGES; OR + +c. LOST PROFITS, BUSINESS, REVENUE, GOODWILL, OR ANTICIPATED SAVINGS. + +11. Compliance Verification + +For purposes of this Section 11 (Compliance Verification), "IPLA Program Terms" means 1) this Agreement and applicable amendments and transaction documents provided by IBM, and 2) IBM software policies that may be found at the IBM Software Policy website (www.ibm.com/softwarepolicies), including but not limited to those policies concerning backup, sub-capacity pricing, and migration. + +The rights and obligations set forth in this Section 11 remain in effect during the period the Program is licensed to Licensee, and for two years thereafter. + +11.1 Verification Process + +Licensee agrees to create, retain, and provide to IBM and its auditors accurate written records, system tool outputs, and other system information sufficient to provide auditable verification that Licensee's use of all Programs is in compliance with the IPLA Program Terms, including, without limitation, all of IBM's applicable licensing and pricing qualification terms. Licensee is responsible for 1) ensuring that it does not exceed its Authorized Use, and 2) remaining in compliance with IPLA Program Terms. + +Upon reasonable notice, IBM may verify Licensee's compliance with IPLA Program Terms at all sites and for all environments in which Licensee uses (for any purpose) Programs subject to IPLA Program Terms. Such verification will be conducted in a manner that minimizes disruption to Licensee's business, and may be conducted on Licensee's premises, during normal business hours. IBM may use an independent auditor to assist with such verification, provided IBM has a written confidentiality agreement in place with such auditor. + +11.2 Resolution + +IBM will notify Licensee in writing if any such verification indicates that Licensee has used any Program in excess of its Authorized Use or is otherwise not in compliance with the IPLA Program Terms. Licensee agrees to promptly pay directly to IBM the charges that IBM specifies in an invoice for 1) any such excess use, 2) support for such excess use for the lesser of the duration of such excess use or two years, and 3) any additional charges and other liabilities determined as a result of such verification. + +12. Third Party Notices + +The Program may include third party code that IBM, not the third party, licenses to Licensee under this Agreement. Notices, if any, for the third party code ("Third Party Notices") are included for Licensee's information only. These notices can be found in the Program's NOTICES file(s). Information on how to obtain source code for certain third party code can be found in the Third Party Notices. If in the Third Party Notices IBM identifies third party code as "Modifiable Third Party Code," IBM authorizes Licensee to 1) modify the Modifiable Third Party Code and 2) reverse engineer the Program modules that directly interface with the Modifiable Third Party Code provided that it is only for the purpose of debugging Licensee's modifications to such third party code. IBM's service and support obligations, if any, apply only to the unmodified Program. + +13. General + +a. Nothing in this Agreement affects any statutory rights of consumers that cannot be waived or limited by contract. + +b. For Programs IBM provides to Licensee in tangible form, IBM fulfills its shipping and delivery obligations upon the delivery of such Programs to the IBM-designated carrier, unless otherwise agreed to in writing by Licensee and IBM. + +c. If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement remain in full force and effect. + +d. Licensee agrees to comply with all applicable export and import laws and regulations, including U.S. embargo and sanctions regulations and prohibitions on export for certain end uses or to certain users. + +e. Licensee authorizes International Business Machines Corporation and its subsidiaries (and their successors and assigns, contractors and IBM Business Partners) to store and use Licensee's business contact information wherever they do business, in connection with IBM products and services, or in furtherance of IBM's business relationship with Licensee. + +f. Each party will allow the other reasonable opportunity to comply before it claims that the other has not met its obligations under this Agreement. The parties will attempt in good faith to resolve all disputes, disagreements, or claims between the parties relating to this Agreement. + +g. Unless otherwise required by applicable law without the possibility of contractual waiver or limitation: 1) neither party will bring a legal action, regardless of form, for any claim arising out of or related to this Agreement more than two years after the cause of action arose; and 2) upon the expiration of such time limit, any such claim and all respective rights related to the claim lapse. + +h. Neither Licensee nor IBM is responsible for failure to fulfill any obligations due to causes beyond its control. + +i. No right or cause of action for any third party is created by this Agreement, nor is IBM responsible for any third party claims against Licensee, except as permitted in Subsection 10.1 (Items for Which IBM May Be Liable) above for bodily injury (including death) or damage to real or tangible personal property for which IBM is legally liable to that third party. + +j. In entering into this Agreement, neither party is relying on any representation not specified in this Agreement, including but not limited to any representation concerning: 1) the performance or function of the Program, other than as expressly warranted in Section 8 (Warranty and Exclusions) above; 2) the experiences or recommendations of other parties; or 3) any results or savings that Licensee may achieve. + +k. IBM has signed agreements with certain organizations (called "IBM Business Partners") to promote, market, and support certain Programs. IBM Business Partners remain independent and separate from IBM. IBM is not responsible for the actions or statements of IBM Business Partners or obligations they have to Licensee. + +l. The license and intellectual property indemnification terms of Licensee's other agreements with IBM (such as the IBM Customer Agreement) do not apply to Program licenses granted under this Agreement. + +14. Geographic Scope and Governing Law + +14.1 Governing Law + +Both parties agree to the application of the laws of the country in which Licensee obtained the Program license to govern, interpret, and enforce all of Licensee's and IBM's respective rights, duties, and obligations arising from, or relating in any manner to, the subject matter of this Agreement, without regard to conflict of law principles. + +The United Nations Convention on Contracts for the International Sale of Goods does not apply. + +14.2 Jurisdiction + +All rights, duties, and obligations are subject to the courts of the country in which Licensee obtained the Program license. + +Part 2 - Country-unique Terms + +For licenses granted in the countries specified below, the following terms replace or modify the referenced terms in Part 1. All terms in Part 1 that are not changed by these amendments remain unchanged and in effect. This Part 2 is organized as follows: + +* Multiple country amendments to Part 1, Section 14 (Governing Law and Jurisdiction); + +* Americas country amendments to other Agreement terms; + +* Asia Pacific country amendments to other Agreement terms; and + +* Europe, Middle East, and Africa country amendments to other Agreement terms. + +Multiple country amendments to Part 1, Section 14 (Governing Law and Jurisdiction) + +14.1 Governing Law + +The phrase "the laws of the country in which Licensee obtained the Program license" in the first paragraph of 14.1 Governing Law is replaced by the following phrases in the countries below: + +AMERICAS + +(1) In Canada: the laws in the Province of Ontario; + +(2) in Mexico: the federal laws of the Republic of Mexico; + +(3) in the United States, Anguilla, Antigua/Barbuda, Aruba, British Virgin Islands, Cayman Islands, Dominica, Grenada, Guyana, Saint Kitts and Nevis, Saint Lucia, Saint Maarten, and Saint Vincent and the Grenadines: the laws of the State of New York, United States; + +(4) in Venezuela: the laws of the Bolivarian Republic of Venezuela; + +ASIA PACIFIC + +(5) in Cambodia and Laos: the laws of the State of New York, United States; + +(6) in Australia: the laws of the State or Territory in which the transaction is performed; + +(7) in Hong Kong SAR and Macau SAR: the laws of Hong Kong Special Administrative Region ("SAR"); + +(8) in Taiwan: the laws of Taiwan; + +EUROPE, MIDDLE EAST, AND AFRICA + +(9) in Albania, Armenia, Azerbaijan, Belarus, Bosnia-Herzegovina, Bulgaria, Croatia, Former Yugoslav Republic of Macedonia, Georgia, Hungary, Kazakhstan, Kyrgyzstan, Moldova, Montenegro, Poland, Romania, Russia, Serbia, Slovakia, Tajikistan, Turkmenistan, Ukraine, and Uzbekistan: the laws of Austria; + +(10) in Algeria, Andorra, Benin, Burkina Faso, Cameroon, Cape Verde, Central African Republic, Chad, Comoros, Congo Republic, Djibouti, Democratic Republic of Congo, Equatorial Guinea, French Guiana, French Polynesia, Gabon, Gambia, Guinea, Guinea-Bissau, Ivory Coast, Lebanon, Madagascar, Mali, Mauritania, Mauritius, Mayotte, Morocco, New Caledonia, Niger, Reunion, Senegal, Seychelles, Togo, Tunisia, Vanuatu, and Wallis and Futuna: the laws of France; + +(11) in Estonia, Latvia, and Lithuania: the laws of Finland; + +(12) in Angola, Bahrain, Botswana, Burundi, Egypt, Eritrea, Ethiopia, Ghana, Jordan, Kenya, Kuwait, Liberia, Malawi, Malta, Mozambique, Nigeria, Oman, Pakistan, Qatar, Rwanda, Sao Tome and Principe, Saudi Arabia, Sierra Leone, Somalia, Tanzania, Uganda, United Arab Emirates, the United Kingdom, West Bank/Gaza, Yemen, Zambia, and Zimbabwe: the laws of England; and + +(13) in South Africa, Namibia, Lesotho, and Swaziland: the laws of the Republic of South Africa. + +14.2 Jurisdiction + +The following paragraph pertains to jurisdiction and replaces Subsection 14.2 (Jurisdiction) as it applies for those countries identified below: + +All rights, duties, and obligations are subject to the courts of the country in which Licensee obtained the Program license except that in the countries identified below all disputes arising out of or related to this Agreement, including summary proceedings, will be brought before and subject to the exclusive jurisdiction of the following courts of competent jurisdiction: + +AMERICAS + +(1) In Argentina: the Ordinary Commercial Court of the city of Buenos Aires; + +(2) in Brazil: the court of Rio de Janeiro, RJ; + +(3) in Chile: the Civil Courts of Justice of Santiago; + +(4) in Ecuador: the civil judges of Quito for executory or summary proceedings (as applicable); + +(5) in Mexico: the courts located in Mexico City, Federal District; + +(6) in Peru: the judges and tribunals of the judicial district of Lima, Cercado; + +(7) in Uruguay: the courts of the city of Montevideo; + +(8) in Venezuela: the courts of the metropolitan area of the city of Caracas; + +EUROPE, MIDDLE EAST, AND AFRICA + +(9) in Austria: the court of law in Vienna, Austria (Inner-City); + +(10) in Algeria, Andorra, Benin, Burkina Faso, Cameroon, Cape Verde, Central African Republic, Chad, Comoros, Congo Republic, Djibouti, Democratic Republic of Congo, Equatorial Guinea, France, French Guiana, French Polynesia, Gabon, Gambia, Guinea, Guinea-Bissau, Ivory Coast, Lebanon, Madagascar, Mali, Mauritania, Mauritius, Mayotte, Monaco, Morocco, New Caledonia, Niger, Reunion, Senegal, Seychelles, Togo, Tunisia, Vanuatu, and Wallis and Futuna: the Commercial Court of Paris; + +(11) in Angola, Bahrain, Botswana, Burundi, Egypt, Eritrea, Ethiopia, Ghana, Jordan, Kenya, Kuwait, Liberia, Malawi, Malta, Mozambique, Nigeria, Oman, Pakistan, Qatar, Rwanda, Sao Tome and Principe, Saudi Arabia, Sierra Leone, Somalia, Tanzania, Uganda, United Arab Emirates, the United Kingdom, West Bank/Gaza, Yemen, Zambia, and Zimbabwe: the English courts; + +(12) in South Africa, Namibia, Lesotho, and Swaziland: the High Court in Johannesburg; + +(13) in Greece: the competent court of Athens; + +(14) in Israel: the courts of Tel Aviv-Jaffa; + +(15) in Italy: the courts of Milan; + +(16) in Portugal: the courts of Lisbon; + +(17) in Spain: the courts of Madrid; and + +(18) in Turkey: the Istanbul Central Courts and Execution Directorates of Istanbul, the Republic of Turkey. + +14.3 Arbitration + +The following paragraph is added as a new Subsection 14.3 (Arbitration) as it applies for those countries identified below. The provisions of this Subsection 14.3 prevail over those of Subsection 14.2 (Jurisdiction) to the extent permitted by the applicable governing law and rules of procedure: + +ASIA PACIFIC + +(1) In Cambodia, India, Laos, Philippines, and Vietnam: + +Disputes arising out of or in connection with this Agreement will be finally settled by arbitration which will be held in Singapore in accordance with the Arbitration Rules of Singapore International Arbitration Center ("SIAC Rules") then in effect. The arbitration award will be final and binding for the parties without appeal and will be in writing and set forth the findings of fact and the conclusions of law. + +The number of arbitrators will be three, with each side to the dispute being entitled to appoint one arbitrator. The two arbitrators appointed by the parties will appoint a third arbitrator who will act as chairman of the proceedings. Vacancies in the post of chairman will be filled by the president of the SIAC. Other vacancies will be filled by the respective nominating party. Proceedings will continue from the stage they were at when the vacancy occurred. + +If one of the parties refuses or otherwise fails to appoint an arbitrator within 30 days of the date the other party appoints its, the first appointed arbitrator will be the sole arbitrator, provided that the arbitrator was validly and properly appointed. + +All proceedings will be conducted, including all documents presented in such proceedings, in the English language. The English language version of this Agreement prevails over any other language version. + +(2) In the People's Republic of China: + +In case no settlement can be reached, the disputes will be submitted to China International Economic and Trade Arbitration Commission for arbitration according to the then effective rules of the said Arbitration Commission. The arbitration will take place in Beijing and be conducted in Chinese. The arbitration award will be final and binding on both parties. During the course of arbitration, this agreement will continue to be performed except for the part which the parties are disputing and which is undergoing arbitration. + +(3) In Indonesia: + +Each party will allow the other reasonable opportunity to comply before it claims that the other has not met its obligations under this Agreement. The parties will attempt in good faith to resolve all disputes, disagreements, or claims between the parties relating to this Agreement. Unless otherwise required by applicable law without the possibility of contractual waiver or limitation, i) neither party will bring a legal action, regardless of form, arising out of or related to this Agreement or any transaction under it more than two years after the cause of action arose; and ii) after such time limit, any legal action arising out of this Agreement or any transaction under it and all respective rights related to any such action lapse. + +Disputes arising out of or in connection with this Agreement shall be finally settled by arbitration that shall be held in Jakarta, Indonesia in accordance with the rules of Board of the Indonesian National Board of Arbitration (Badan Arbitrase Nasional Indonesia or "BANI") then in effect. The arbitration award shall be final and binding for the parties without appeal and shall be in writing and set forth the findings of fact and the conclusions of law. + +The number of arbitrators shall be three, with each side to the dispute being entitled to appoint one arbitrator. The two arbitrators appointed by the parties shall appoint a third arbitrator who shall act as chairman of the proceedings. Vacancies in the post of chairman shall be filled by the chairman of the BANI. Other vacancies shall be filled by the respective nominating party. Proceedings shall continue from the stage they were at when the vacancy occurred. + +If one of the parties refuses or otherwise fails to appoint an arbitrator within 30 days of the date the other party appoints its, the first appointed arbitrator shall be the sole arbitrator, provided that the arbitrator was validly and properly appointed. + +All proceedings shall be conducted, including all documents presented in such proceedings, in the English and/or Indonesian language. + +EUROPE, MIDDLE EAST, AND AFRICA + +(4) In Albania, Armenia, Azerbaijan, Belarus, Bosnia-Herzegovina, Bulgaria, Croatia, Former Yugoslav Republic of Macedonia, Georgia, Hungary, Kazakhstan, Kyrgyzstan, Moldova, Montenegro, Poland, Romania, Russia, Serbia, Slovakia, Tajikistan, Turkmenistan, Ukraine, and Uzbekistan: + +All disputes arising out of this Agreement or related to its violation, termination or nullity will be finally settled under the Rules of Arbitration and Conciliation of the International Arbitral Center of the Federal Economic Chamber in Vienna (Vienna Rules) by three arbitrators appointed in accordance with these rules. The arbitration will be held in Vienna, Austria, and the official language of the proceedings will be English. The decision of the arbitrators will be final and binding upon both parties. Therefore, pursuant to paragraph 598 (2) of the Austrian Code of Civil Procedure, the parties expressly waive the application of paragraph 595 (1) figure 7 of the Code. IBM may, however, institute proceedings in a competent court in the country of installation. + +(5) In Estonia, Latvia, and Lithuania: + +All disputes arising in connection with this Agreement will be finally settled in arbitration that will be held in Helsinki, Finland in accordance with the arbitration laws of Finland then in effect. Each party will appoint one arbitrator. The arbitrators will then jointly appoint the chairman. If arbitrators cannot agree on the chairman, then the Central Chamber of Commerce in Helsinki will appoint the chairman. + +AMERICAS COUNTRY AMENDMENTS + +CANADA + +10.1 Items for Which IBM May be Liable + +The following replaces Item 1 in the first paragraph of this Subsection 10.1 (Items for Which IBM May be Liable): + +1) damages for bodily injury (including death) and physical harm to real property and tangible personal property caused by IBM's negligence; and + +13. General + +The following replaces Item 13.d: + +d. Licensee agrees to comply with all applicable export and import laws and regulations, including those of that apply to goods of United States origin and that prohibit or limit export for certain uses or to certain users. + +The following replaces Item 13.i: + +i. No right or cause of action for any third party is created by this Agreement or any transaction under it, nor is IBM responsible for any third party claims against Licensee except as permitted by the Limitation of Liability section above for bodily injury (including death) or physical harm to real or tangible personal property caused by IBM's negligence for which IBM is legally liable to that third party. + +The following is added as Item 13.m: + +m. For purposes of this Item 13.m, "Personal Data" refers to information relating to an identified or identifiable individual made available by one of the parties, its personnel or any other individual to the other in connection with this Agreement. The following provisions apply in the event that one party makes Personal Data available to the other: + +(1) General + +(a) Each party is responsible for complying with any obligations applying to it under applicable Canadian data privacy laws and regulations ("Laws"). + +(b) Neither party will request Personal Data beyond what is necessary to fulfill the purpose(s) for which it is requested. The purpose(s) for requesting Personal Data must be reasonable. Each party will agree in advance as to the type of Personal Data that is required to be made available. + +(2) Security Safeguards + +(a) Each party acknowledges that it is solely responsible for determining and communicating to the other the appropriate technological, physical and organizational security measures required to protect Personal Data. + +(b) Each party will ensure that Personal Data is protected in accordance with the security safeguards communicated and agreed to by the other. + +(c) Each party will ensure that any third party to whom Personal Data is transferred is bound by the applicable terms of this section. + +(d) Additional or different services required to comply with the Laws will be deemed a request for new services. + +(3) Use + +Each party agrees that Personal Data will only be used, accessed, managed, transferred, disclosed to third parties or otherwise processed to fulfill the purpose(s) for which it was made available. + +(4) Access Requests + +(a) Each party agrees to reasonably cooperate with the other in connection with requests to access or amend Personal Data. + +(b) Each party agrees to reimburse the other for any reasonable charges incurred in providing each other assistance. + +(c) Each party agrees to amend Personal Data only upon receiving instructions to do so from the other party or its personnel. + +(5) Retention + +Each party will promptly return to the other or destroy all Personal Data that is no longer necessary to fulfill the purpose(s) for which it was made available, unless otherwise instructed by the other or its personnel or required by law. + +(6) Public Bodies Who Are Subject to Public Sector Privacy Legislation + +For Licensees who are public bodies subject to public sector privacy legislation, this Item 13.m applies only to Personal Data made available to Licensee in connection with this Agreement, and the obligations in this section apply only to Licensee, except that: 1) section (2)(a) applies only to IBM; 2) sections (1)(a) and (4)(a) apply to both parties; and 3) section (4)(b) and the last sentence in (1)(b) do not apply. + +PERU + +10. Limitation of Liability + +The following is added to the end of this Section 10 (Limitation of Liability): + +Except as expressly required by law without the possibility of contractual waiver, Licensee and IBM intend that the limitation of liability in this Limitation of Liability section applies to damages caused by all types of claims and causes of action. If any limitation on or exclusion from liability in this section is held by a court of competent jurisdiction to be unenforceable with respect to a particular claim or cause of action, the parties intend that it nonetheless apply to the maximum extent permitted by applicable law to all other claims and causes of action. + +10.1 Items for Which IBM May be Liable + +The following is added at the end of this Subsection 10.1: + +In accordance with Article 1328 of the Peruvian Civil Code, the limitations and exclusions specified in this section will not apply to damages caused by IBM's willful misconduct ("dolo") or gross negligence ("culpa inexcusable"). + +UNITED STATES OF AMERICA + +5. Taxes + +The following is added at the end of this Section 5 (Taxes) + +For Programs delivered electronically in the United States for which Licensee claims a state sales and use tax exemption, Licensee agrees not to receive any tangible personal property (e.g., media and publications) associated with the electronic program. + +Licensee agrees to be responsible for any sales and use tax liabilities that may arise as a result of Licensee's subsequent redistribution of Programs after delivery by IBM. + +13. General + +The following is added to Section 13 as Item 13.m: + +U.S. Government Users Restricted Rights - Use, duplication or disclosure is restricted by the GSA IT Schedule 70 Contract with the IBM Corporation. + +The following is added to Item 13.f: + +Each party waives any right to a jury trial in any proceeding arising out of or related to this Agreement. + +ASIA PACIFIC COUNTRY AMENDMENTS + +AUSTRALIA + +5. Taxes + +The following sentences replace the first two sentences of Section 5 (Taxes): + +If any government or authority imposes a duty, tax (other than income tax), levy, or fee, on this Agreement or on the Program itself, that is not otherwise provided for in the amount payable, Licensee agrees to pay it when IBM invoices Licensee. If the rate of GST changes, IBM may adjust the charge or other amount payable to take into account that change from the date the change becomes effective. + +8.1 Limited Warranty + +The following is added to Subsection 8.1 (Limited Warranty): + +The warranties specified this Section are in addition to any rights Licensee may have under the Competition and Consumer Act 2010 or other legislation and are only limited to the extent permitted by the applicable legislation. + +10.1 Items for Which IBM May be Liable + +The following is added to Subsection 10.1 (Items for Which IBM May be Liable): + +Where IBM is in breach of a condition or warranty implied by the Competition and Consumer Act 2010, IBM's liability is limited to the repair or replacement of the goods, or the supply of equivalent goods. Where that condition or warranty relates to right to sell, quiet possession or clear title, or the goods are of a kind ordinarily obtained for personal, domestic or household use or consumption, then none of the limitations in this paragraph apply. + +HONG KONG SAR, MACAU SAR, AND TAIWAN + +As applies to licenses obtained in Taiwan and the special administrative regions, phrases throughout this Agreement containing the word "country" (for example, "the country in which the original Licensee was granted the license" and "the country in which Licensee obtained the Program license") are replaced with the following: + +(1) In Hong Kong SAR: "Hong Kong SAR" + +(2) In Macau SAR: "Macau SAR" except in the Governing Law clause (Section 14.1) + +(3) In Taiwan: "Taiwan." + +INDIA + +10.1 Items for Which IBM May be Liable + +The following replaces the terms of Items 1 and 2 of the first paragraph: + +1) liability for bodily injury (including death) or damage to real property and tangible personal property will be limited to that caused by IBM's negligence; and 2) as to any other actual damage arising in any situation involving nonperformance by IBM pursuant to, or in any way related to the subject of this Agreement, IBM's liability will be limited to the charge paid by Licensee for the individual Program that is the subject of the claim. + +13. General + +The following replaces the terms of Item 13.g: + +If no suit or other legal action is brought, within three years after the cause of action arose, in respect of any claim that either party may have against the other, the rights of the concerned party in respect of such claim will be forfeited and the other party will stand released from its obligations in respect of such claim. + +INDONESIA + +3.3 Term and Termination + +The following is added to the last paragraph: + +Both parties waive the provision of article 1266 of the Indonesian Civil Code, to the extent the article provision requires such court decree for the termination of an agreement creating mutual obligations. + +JAPAN + +13. General + +The following is inserted after Item 13.f: + +Any doubts concerning this Agreement will be initially resolved between us in good faith and in accordance with the principle of mutual trust. + +MALAYSIA + +10.2 Items for Which IBM Is not Liable + +The word "SPECIAL" in Item 10.2b is deleted. + +NEW ZEALAND + +8.1 Limited Warranty + +The following is added: + +The warranties specified in this Section are in addition to any rights Licensee may have under the Consumer Guarantees Act 1993 or other legislation which cannot be excluded or limited. The Consumer Guarantees Act 1993 will not apply in respect of any goods which IBM provides, if Licensee requires the goods for the purposes of a business as defined in that Act. + +10. Limitation of Liability + +The following is added: + +Where Programs are not obtained for the purposes of a business as defined in the Consumer Guarantees Act 1993, the limitations in this Section are subject to the limitations in that Act. + +PEOPLE'S REPUBLIC OF CHINA + +4. Charges + +The following is added: + +All banking charges incurred in the People's Republic of China will be borne by Licensee and those incurred outside the People's Republic of China will be borne by IBM. + +PHILIPPINES + +10.2 Items for Which IBM Is not Liable + +The following replaces the terms of Item 10.2b: + +b. special (including nominal and exemplary damages), moral, incidental, or indirect damages or for any economic consequential damages; or + +SINGAPORE + +10.2 Items for Which IBM Is not Liable + +The words "SPECIAL" and "ECONOMIC" are deleted from Item 10.2b. + +13. General + +The following replaces the terms of Item 13.i: + +Subject to the rights provided to IBM's suppliers and Program developers as provided in Section 10 above (Limitation of Liability), a person who is not a party to this Agreement will have no right under the Contracts (Right of Third Parties) Act to enforce any of its terms. + +TAIWAN + +8.1 Limited Warranty + +The last paragraph is deleted. + +10.1 Items for Which IBM May Be Liable + +The following sentences are deleted: + +This limit also applies to any of IBM's subcontractors and Program developers. It is the maximum for which IBM and its subcontractors and Program developers are collectively responsible. + +EUROPE, MIDDLE EAST, AFRICA (EMEA) COUNTRY AMENDMENTS + +EUROPEAN UNION MEMBER STATES + +8. Warranty and Exclusions + +The following is added to Section 8 (Warranty and Exclusion): + +In the European Union ("EU"), consumers have legal rights under applicable national legislation governing the sale of consumer goods. Such rights are not affected by the provisions set out in this Section 8 (Warranty and Exclusions). The territorial scope of the Limited Warranty is worldwide. + +EU MEMBER STATES AND THE COUNTRIES IDENTIFIED BELOW + +Iceland, Liechtenstein, Norway, Switzerland, Turkey, and any other European country that has enacted local data privacy or protection legislation similar to the EU model. + +13. General + +The following replaces Item 13.e: + +(1) Definitions - For the purposes of this Item 13.e, the following additional definitions apply: + +(a) Business Contact Information - business-related contact information disclosed by Licensee to IBM, including names, job titles, business addresses, telephone numbers and email addresses of Licensee's employees and contractors. For Austria, Italy and Switzerland, Business Contact Information also includes information about Licensee and its contractors as legal entities (for example, Licensee's revenue data and other transactional information) + +(b) Business Contact Personnel - Licensee employees and contractors to whom the Business Contact Information relates. + +(c) Data Protection Authority - the authority established by the Data Protection and Electronic Communications Legislation in the applicable country or, for non-EU countries, the authority responsible for supervising the protection of personal data in that country, or (for any of the foregoing) any duly appointed successor entity thereto. + +(d) Data Protection & Electronic Communications Legislation - (i) the applicable local legislation and regulations in force implementing the requirements of EU Directive 95/46/EC (on the protection of individuals with regard to the processing of personal data and on the free movement of such data) and of EU Directive 2002/58/EC (concerning the processing of personal data and the protection of privacy in the electronic communications sector); or (ii) for non-EU countries, the legislation and/or regulations passed in the applicable country relating to the protection of personal data and the regulation of electronic communications involving personal data, including (for any of the foregoing) any statutory replacement or modification thereof. + +(e) IBM Group - International Business Machines Corporation of Armonk, New York, USA, its subsidiaries, and their respective Business Partners and subcontractors. + +(2) Licensee authorizes IBM: + +(a) to process and use Business Contact Information within IBM Group in support of Licensee including the provision of support services, and for the purpose of furthering the business relationship between Licensee and IBM Group, including, without limitation, contacting Business Contact Personnel (by email or otherwise) and marketing IBM Group products and services (the "Specified Purpose"); and + +(b) to disclose Business Contact Information to other members of IBM Group in pursuit of the Specified Purpose only. + +(3) IBM agrees that all Business Contact Information will be processed in accordance with the Data Protection & Electronic Communications Legislation and will be used only for the Specified Purpose. + +(4) To the extent required by the Data Protection & Electronic Communications Legislation, Licensee represents that (a) it has obtained (or will obtain) any consents from (and has issued (or will issue) any notices to) the Business Contact Personnel as are necessary in order to enable IBM Group to process and use the Business Contact Information for the Specified Purpose. + +(5) Licensee authorizes IBM to transfer Business Contact Information outside the European Economic Area, provided that the transfer is made on contractual terms approved by the Data Protection Authority or the transfer is otherwise permitted under the Data Protection & Electronic Communications Legislation. + +AUSTRIA + +8.2 Exclusions + +The following is deleted from the first paragraph: + +MERCHANTABILITY, SATISFACTORY QUALITY + +10. Limitation of Liability + +The following is added: + +The following limitations and exclusions of IBM's liability do not apply for damages caused by gross negligence or willful misconduct. + +10.1 Items for Which IBM May Be Liable + +The following replaces the first sentence in the first paragraph: + +Circumstances may arise where, because of a default by IBM in the performance of its obligations under this Agreement or other liability, Licensee is entitled to recover damages from IBM. + +In the second sentence of the first paragraph, delete entirely the parenthetical phrase: + +"(including fundamental breach, negligence, misrepresentation, or other contract or tort claim)". + +10.2 Items for Which IBM Is Not Liable + +The following replaces Item 10.2b: + +b. indirect damages or consequential damages; or + +BELGIUM, FRANCE, ITALY, AND LUXEMBOURG + +10. Limitation of Liability + +The following replaces the terms of Section 10 (Limitation of Liability) in its entirety: + +Except as otherwise provided by mandatory law: + +10.1 Items for Which IBM May Be Liable + +IBM's entire liability for all claims in the aggregate for any damages and losses that may arise as a consequence of the fulfillment of its obligations under or in connection with this Agreement or due to any other cause related to this Agreement is limited to the compensation of only those damages and losses proved and actually arising as an immediate and direct consequence of the non-fulfillment of such obligations (if IBM is at fault) or of such cause, for a maximum amount equal to the charges (if the Program is subject to fixed term charges, up to twelve months' charges) Licensee paid for the Program that has caused the damages. + +The above limitation will not apply to damages for bodily injuries (including death) and damages to real property and tangible personal property for which IBM is legally liable. + +10.2 Items for Which IBM Is Not Liable + +UNDER NO CIRCUMSTANCES IS IBM OR ANY OF ITS PROGRAM DEVELOPERS LIABLE FOR ANY OF THE FOLLOWING, EVEN IF INFORMED OF THEIR POSSIBILITY: 1) LOSS OF, OR DAMAGE TO, DATA; 2) INCIDENTAL, EXEMPLARY OR INDIRECT DAMAGES, OR FOR ANY ECONOMIC CONSEQUENTIAL DAMAGES; AND / OR 3) LOST PROFITS, BUSINESS, REVENUE, GOODWILL, OR ANTICIPATED SAVINGS, EVEN IF THEY ARISE AS AN IMMEDIATE CONSEQUENCE OF THE EVENT THAT GENERATED THE DAMAGES. + +10.3 Suppliers and Program Developers + +The limitation and exclusion of liability herein agreed applies not only to the activities performed by IBM but also to the activities performed by its suppliers and Program developers, and represents the maximum amount for which IBM as well as its suppliers and Program developers are collectively responsible. + +GERMANY + +8.1 Limited Warranty + +The following is inserted at the beginning of Section 8.1: + +The Warranty Period is twelve months from the date of delivery of the Program to the original Licensee. + +8.2 Exclusions + +Section 8.2 is deleted in its entirety and replaced with the following: + +Section 8.1 defines IBM's entire warranty obligations to Licensee except as otherwise required by applicable statutory law. + +10. Limitation of Liability + +The following replaces the Limitation of Liability section in its entirety: + +a. IBM will be liable without limit for 1) loss or damage caused by a breach of an express guarantee; 2) damages or losses resulting in bodily injury (including death); and 3) damages caused intentionally or by gross negligence. + +b. In the event of loss, damage and frustrated expenditures caused by slight negligence or in breach of essential contractual obligations, IBM will be liable, regardless of the basis on which Licensee is entitled to claim damages from IBM (including fundamental breach, negligence, misrepresentation, or other contract or tort claim), per claim only up to the greater of 500,000 euro or the charges (if the Program is subject to fixed term charges, up to 12 months' charges) Licensee paid for the Program that caused the loss or damage. A number of defaults which together result in, or contribute to, substantially the same loss or damage will be treated as one default. + +c. In the event of loss, damage and frustrated expenditures caused by slight negligence, IBM will not be liable for indirect or consequential damages, even if IBM was informed about the possibility of such loss or damage. + +d. In case of delay on IBM's part: 1) IBM will pay to Licensee an amount not exceeding the loss or damage caused by IBM's delay and 2) IBM will be liable only in respect of the resulting damages that Licensee suffers, subject to the provisions of Items a and b above. + +13. General + +The following replaces the provisions of 13.g: + +Any claims resulting from this Agreement are subject to a limitation period of three years, except as stated in Section 8.1 (Limited Warranty) of this Agreement. + +The following replaces the provisions of 13.i: + +No right or cause of action for any third party is created by this Agreement, nor is IBM responsible for any third party claims against Licensee, except (to the extent permitted in Section 10 (Limitation of Liability)) for: i) bodily injury (including death); or ii) damage to real or tangible personal property for which (in either case) IBM is legally liable to that third party. + +IRELAND + +8.2 Exclusions + +The following paragraph is added: + +Except as expressly provided in these terms and conditions, or Section 12 of the Sale of Goods Act 1893 as amended by the Sale of Goods and Supply of Services Act, 1980 (the "1980 Act"), all conditions or warranties (express or implied, statutory or otherwise) are hereby excluded including, without limitation, any warranties implied by the Sale of Goods Act 1893 as amended by the 1980 Act (including, for the avoidance of doubt, Section 39 of the 1980 Act). + +IRELAND AND UNITED KINGDOM + +2. Agreement Structure + +The following sentence is added: + +Nothing in this paragraph shall have the effect of excluding or limiting liability for fraud. + +10.1 Items for Which IBM May Be Liable + +The following replaces the first paragraph of the Subsection: + +For the purposes of this section, a "Default" means any act, statement, omission or negligence on the part of IBM in connection with, or in relation to, the subject matter of an Agreement in respect of which IBM is legally liable to Licensee, whether in contract or in tort. A number of Defaults which together result in, or contribute to, substantially the same loss or damage will be treated as one Default. + +Circumstances may arise where, because of a Default by IBM in the performance of its obligations under this Agreement or other liability, Licensee is entitled to recover damages from IBM. Regardless of the basis on which Licensee is entitled to claim damages from IBM and except as expressly required by law without the possibility of contractual waiver, IBM's entire liability for any one Default will not exceed the amount of any direct damages, to the extent actually suffered by Licensee as an immediate and direct consequence of the default, up to the greater of (1) 500,000 euro (or the equivalent in local currency) or (2) 125% of the charges (if the Program is subject to fixed term charges, up to 12 months' charges) for the Program that is the subject of the claim. Notwithstanding the foregoing, the amount of any damages for bodily injury (including death) and damage to real property and tangible personal property for which IBM is legally liable is not subject to such limitation. + +10.2 Items for Which IBM is Not Liable + +The following replaces Items 10.2b and 10.2c: + +b. special, incidental, exemplary, or indirect damages or consequential damages; or + +c. wasted management time or lost profits, business, revenue, goodwill, or anticipated savings. + +Z125-3301-14 (07/2011) + + diff --git a/microgateway/set-config/index.js b/microgateway/set-config/index.js new file mode 100644 index 0000000..fd1c8f3 --- /dev/null +++ b/microgateway/set-config/index.js @@ -0,0 +1,87 @@ +// get an instance of mongoose and mongoose.Schema +var mongoose = require('mongoose'); +var Promise = require("bluebird"); +var Schema = mongoose.Schema; +var fs = Promise.promisifyAll(require("fs")); +var yaml = require('js-yaml'); + +mongoose.Promise = Promise; +var keyFile = '/usr/src/app/node_modules/microgateway/id_rsa.pub'; +var uri = 'mongodb://apim:27017/apim'; +var envFile = '/usr/src/app/node_modules/microgateway/env.yaml'; +var Environment = mongoose.model('environments', new Schema({ + shortName: String, + gatewayType: String, + standaloneMicroGateway: { title: String, publicKey: String } +})); + +var connectWithRetry = function() { + return mongoose.connect(uri) + .then(() => { + var query = Environment.findOne({ shortName: 'sb' }); + return query.then(function (doc) { + if (!doc || !doc._id) { + throw new Error('Catalog \'sb\' has not been created'); + } else { + return fs.readFileAsync(envFile, 'utf8') + .then(function(data) { + var env = yaml.safeLoad(data); + env.APIMANAGER_CATALOG = doc._id.toString(); + var dataToWrite = yaml.safeDump(env); + return fs.writeFileAsync(envFile, dataToWrite) + }).then(function(){ + console.log('The config file was saved!'); + }) + .catch(function(e) { + throw new Error(e); + }); + } + }) + .then(function(doc) { + fs.readFile(keyFile, 'utf8', function(err, data) { + if (err) { + mongoose.disconnect(); + console.log(err); + } + return Environment.findOneAndUpdate( {$and:[ + { shortName: 'sb' }, + { + "standaloneMicroGateway": {$exists: false} + } + ]}, { + $set: { + gatewayType: 'StandaloneMicroGateway', + standaloneMicroGateway: { + title: 'API Connect Standalone Micro Gateway', + publicKey: data + }, + } + }, { new: true }, function(err, newdoc) { + if (err) { + console.log('Unable to update catalog settings', err); + return; + } + console.log('Successfully updated apim catalog settings'); + mongoose.disconnect(); + return; + }); + }); + }) + .catch(function(err){ + console.log(err.message + ', retrying in 10 seconds'); + setTimeout(connectWithRetry, 10000); + mongoose.disconnect(); + }); + }) + .catch(function(err){ + if (err.name !== 'MongoError') { + console.log(err.name + ': ' + err.message); + } + console.log('Waiting for apim to be ready, retrying in 10 seconds'); + setTimeout(connectWithRetry, 10000); + }); + + +}; + +connectWithRetry(); diff --git a/microgateway/set-config/package.json b/microgateway/set-config/package.json new file mode 100644 index 0000000..b4fee64 --- /dev/null +++ b/microgateway/set-config/package.json @@ -0,0 +1,21 @@ +{ + "name": "set-config", + "version": "1.0.0", + "description": ".", + "main": "index.js", + "scripts": { + "start": "node index.js", + "test": "node_modules/.bin/mocha tests/**" + }, + "keywords": [ ], + "author": "IBM API Connect", + "license": "SEE LICENSE IN LICENSE.txt", + "dependencies": { + "mongoose": "^4.6.8", + "js-yaml": "^3.7.0", + "bluebird": "3.4.6" + }, + "devDependencies": { + "mocha": "^2.2.4" + } +} diff --git a/microservice/.editorconfig b/microservice/.editorconfig new file mode 100644 index 0000000..3ee22e5 --- /dev/null +++ b/microservice/.editorconfig @@ -0,0 +1,13 @@ +# EditorConfig helps developers define and maintain consistent +# coding styles between different editors and IDEs +# http://editorconfig.org + +root = true + +[*] +indent_style = space +indent_size = 2 +end_of_line = lf +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = true diff --git a/microservice/.eslintignore b/microservice/.eslintignore new file mode 100644 index 0000000..e69de29 diff --git a/microservice/.eslintrc b/microservice/.eslintrc new file mode 100644 index 0000000..4ed9690 --- /dev/null +++ b/microservice/.eslintrc @@ -0,0 +1,10 @@ +{ + "extends": "loopback", + "rules": { + "max-len": ["error", 80, 4, { + "ignoreComments": true, + "ignoreUrls": true, + "ignorePattern": "^\\s*var\\s.+=\\s*(require\\s*\\()|(/)" + }] + } +} \ No newline at end of file diff --git a/microservice/.gitignore b/microservice/.gitignore new file mode 100644 index 0000000..aff1045 --- /dev/null +++ b/microservice/.gitignore @@ -0,0 +1,19 @@ +*.csv +*.dat +*.iml +*.log +*.out +*.pid +*.seed +*.sublime-* +*.swo +*.swp +*.tgz +*.xml +.DS_Store +.idea +.project +.strong-pm +coverage +node_modules +npm-debug.log diff --git a/microservice/.npmignore b/microservice/.npmignore new file mode 100644 index 0000000..7ec7473 --- /dev/null +++ b/microservice/.npmignore @@ -0,0 +1,16 @@ +.idea +.project +*.sublime-* +.DS_Store +*.seed +*.log +*.csv +*.dat +*.out +*.pid +*.swp +*.swo +node_modules +coverage +*.tgz +*.xml diff --git a/microservice/.yo-rc.json b/microservice/.yo-rc.json new file mode 100644 index 0000000..02f3fc1 --- /dev/null +++ b/microservice/.yo-rc.json @@ -0,0 +1,3 @@ +{ + "generator-loopback": {} +} \ No newline at end of file diff --git a/microservice/CONTRIBUTING.md b/microservice/CONTRIBUTING.md new file mode 100644 index 0000000..0591409 --- /dev/null +++ b/microservice/CONTRIBUTING.md @@ -0,0 +1,151 @@ +### Contributing ### + +Thank you for your interest in `loopback-example-database`, an open source project +administered by StrongLoop. + +Contributing to `loopback-example-database` is easy. In a few simple steps: + + * Ensure that your effort is aligned with the project's roadmap by + talking to the maintainers, especially if you are going to spend a + lot of time on it. + + * Make something better or fix a bug. + + * Adhere to code style outlined in the [Google C++ Style Guide][] and + [Google Javascript Style Guide][]. + + * Sign the [Contributor License Agreement](https://cla.strongloop.com/agreements/strongloop/loopback-example-database) + + * Submit a pull request through Github. + + +### Contributor License Agreement ### + +``` + Individual Contributor License Agreement + + By signing this Individual Contributor License Agreement + ("Agreement"), and making a Contribution (as defined below) to + StrongLoop, Inc. ("StrongLoop"), You (as defined below) accept and + agree to the following terms and conditions for Your present and + future Contributions submitted to StrongLoop. Except for the license + granted in this Agreement to StrongLoop and recipients of software + distributed by StrongLoop, You reserve all right, title, and interest + in and to Your Contributions. + + 1. Definitions + + "You" or "Your" shall mean the copyright owner or the individual + authorized by the copyright owner that is entering into this + Agreement with StrongLoop. + + "Contribution" shall mean any original work of authorship, + including any modifications or additions to an existing work, that + is intentionally submitted by You to StrongLoop for inclusion in, + or documentation of, any of the products owned or managed by + StrongLoop ("Work"). For purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication + sent to StrongLoop or its representatives, including but not + limited to communication or electronic mailing lists, source code + control systems, and issue tracking systems that are managed by, + or on behalf of, StrongLoop for the purpose of discussing and + improving the Work, but excluding communication that is + conspicuously marked or otherwise designated in writing by You as + "Not a Contribution." + + 2. You Grant a Copyright License to StrongLoop + + Subject to the terms and conditions of this Agreement, You hereby + grant to StrongLoop and recipients of software distributed by + StrongLoop, a perpetual, worldwide, non-exclusive, no-charge, + royalty-free, irrevocable copyright license to reproduce, prepare + derivative works of, publicly display, publicly perform, + sublicense, and distribute Your Contributions and such derivative + works under any license and without any restrictions. + + 3. You Grant a Patent License to StrongLoop + + Subject to the terms and conditions of this Agreement, You hereby + grant to StrongLoop and to recipients of software distributed by + StrongLoop a perpetual, worldwide, non-exclusive, no-charge, + royalty-free, irrevocable (except as stated in this Section) + patent license to make, have made, use, offer to sell, sell, + import, and otherwise transfer the Work under any license and + without any restrictions. The patent license You grant to + StrongLoop under this Section applies only to those patent claims + licensable by You that are necessarily infringed by Your + Contributions(s) alone or by combination of Your Contributions(s) + with the Work to which such Contribution(s) was submitted. If any + entity institutes a patent litigation against You or any other + entity (including a cross-claim or counterclaim in a lawsuit) + alleging that Your Contribution, or the Work to which You have + contributed, constitutes direct or contributory patent + infringement, any patent licenses granted to that entity under + this Agreement for that Contribution or Work shall terminate as + of the date such litigation is filed. + + 4. You Have the Right to Grant Licenses to StrongLoop + + You represent that You are legally entitled to grant the licenses + in this Agreement. + + If Your employer(s) has rights to intellectual property that You + create, You represent that You have received permission to make + the Contributions on behalf of that employer, that Your employer + has waived such rights for Your Contributions, or that Your + employer has executed a separate Corporate Contributor License + Agreement with StrongLoop. + + 5. The Contributions Are Your Original Work + + You represent that each of Your Contributions are Your original + works of authorship (see Section 8 (Submissions on Behalf of + Others) for submission on behalf of others). You represent that to + Your knowledge, no other person claims, or has the right to claim, + any right in any intellectual property right related to Your + Contributions. + + You also represent that You are not legally obligated, whether by + entering into an agreement or otherwise, in any way that conflicts + with the terms of this Agreement. + + You represent that Your Contribution submissions include complete + details of any third-party license or other restriction (including, + but not limited to, related patents and trademarks) of which You + are personally aware and which are associated with any part of + Your Contributions. + + 6. You Don't Have an Obligation to Provide Support for Your Contributions + + You are not expected to provide support for Your Contributions, + except to the extent You desire to provide support. You may provide + support for free, for a fee, or not at all. + + 6. No Warranties or Conditions + + StrongLoop acknowledges that unless required by applicable law or + agreed to in writing, You provide Your Contributions on an "AS IS" + BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER + EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES + OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY, OR + FITNESS FOR A PARTICULAR PURPOSE. + + 7. Submission on Behalf of Others + + If You wish to submit work that is not Your original creation, You + may submit it to StrongLoop separately from any Contribution, + identifying the complete details of its source and of any license + or other restriction (including, but not limited to, related + patents, trademarks, and license agreements) of which You are + personally aware, and conspicuously marking the work as + "Submitted on Behalf of a Third-Party: [named here]". + + 8. Agree to Notify of Change of Circumstances + + You agree to notify StrongLoop of any facts or circumstances of + which You become aware that would make these representations + inaccurate in any respect. Email us at callback@strongloop.com. +``` + +[Google C++ Style Guide]: https://google.github.io/styleguide/cppguide.html +[Google Javascript Style Guide]: https://google.github.io/styleguide/javascriptguide.xml diff --git a/microservice/Dockerfile b/microservice/Dockerfile new file mode 100644 index 0000000..6f6be40 --- /dev/null +++ b/microservice/Dockerfile @@ -0,0 +1,25 @@ +FROM node:4-slim + +# Create app directory +RUN mkdir -p /usr/src/app && \ + apt update && \ + apt install -y jq && \ + rm -rf /var/lib/apt/lists/* +WORKDIR /usr/src/app + +# Install app dependencies +COPY package.json /usr/src/app/ +RUN npm install --silent -g npm && \ + npm install --silent --prod && \ + npm prune --prod + +# Bundle app source +COPY . /usr/src/app + +COPY *.sh /usr/bin/ +RUN chmod +x /usr/bin/app.sh +ENV PORT 8080 +EXPOSE 8080 +ENV NODE_ENV production +CMD [ "/bin/sh", "-c", "/usr/bin/app.sh start && /usr/bin/app.sh wait" ] + diff --git a/microservice/LICENSE b/microservice/LICENSE new file mode 100644 index 0000000..0fda15e --- /dev/null +++ b/microservice/LICENSE @@ -0,0 +1,25 @@ +Copyright (c) IBM Corp. 2013,2016. All Rights Reserved. +Node module: loopback-example-database +This project is licensed under the MIT License, full text below. + +-------- + +MIT license + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/microservice/README.md b/microservice/README.md new file mode 100644 index 0000000..c1eb10e --- /dev/null +++ b/microservice/README.md @@ -0,0 +1,251 @@ +# loopback-example-database + +A tutorial for basic database related features. + +- [Overview](#overview) +- [Prerequisites](#prerequisites) +- [Running the example](#running-the-example) +- [Tutorial - MongoDB](#tutorial---mongodb) + +## Overview + +### Topics covered + +- Data sources + - Creating + - Configuring +- Models + - Creating +- Automigration +- Instance introspection (Discovery) + +### Database specific tutorials + +Database specific tutorials are on separate branches. The master branch contains +the tutorial for MongoDB. + +|Branch|Connector| +|:--|:--| +|[master](https://github.com/strongloop/loopback-example-database)|MongoDB| +|[mssql](https://github.com/strongloop/loopback-example-database/tree/mssql)|Microsoft SQL Server| +|[mysql](https://github.com/strongloop/loopback-example-database/tree/mysql)|MySQL| +|[oracle](https://github.com/strongloop/loopback-example-database/tree/oracle)|Oracle| +|[postgresql](https://github.com/strongloop/loopback-example-database/tree/postgresql)|PostgreSQL| + +For example, to view the MySQL example: + +``` +git clone https://github.com/strongloop/loopback-example-database +cd loopback-example-database +git checkout mysql +``` + +## Prerequisites + +Before starting this tutorial, make sure you have the following installed: + +- Node +- NPM +- [StrongLoop Controller](https://github.com/strongloop/strongloop) + +## Running the example + +``` +git clone https://github.com/strongloop/loopback-example-database +cd loopback-example-database +npm install +npm start +``` + +## Tutorial - MongoDB + +### 1. Create a new LoopBack app + +#### App info + +- Name: `loopback-example-database` +- Dir to contain the project: `loopback-example-database` + +``` +slc loopback loopback-example-database +... # follow the prompts +``` + +### 2. Install the LoopBack MongoDB connector + +``` +cd loopback-example-database +npm install --save loopback-connector-mongodb +``` + +### 3. Create a data source + +#### Data source info + +- Data source name: `accountDS` +- Select the connector for `accountDS`: `MongoDB` + +``` +slc loopback:datasource accountDS +... # follow the prompts +``` + +This creates a new data source named `accountDS` that uses the MongoDB +connector. + +### 4. Configure the data source + +For the purposes of this example, we will use a preconfigured StrongLoop MongoDB +server. Edit `server/datasources.json` to set the MongoDB configs: + +``` +{ + ... + "accountDS": { + "name": "accountDS", + "connector": "mongodb", + "host": "demo.strongloop.com", + "port": 27017, + "database": "demo", + "username": "demo", + "password": "L00pBack" + } +} +``` + +> Feel free to use your own local MongoDB instance. Simply change the configs +> above to match your own. + +### 5. Create a new model + +#### Model Info + +- Model name: `Account` +- Attach `Account` to: `accountDS (mongodb)` +- Base class: `PersistedModel` +- Expose via REST: `Yes` +- Custom plural form: *Leave blank* +- Properties: + - `email` + - String + - Not required + - `createdAt` + - Date + - Not required + - `lastModifiedAt` + - Date + - Not required + +``` +slc loopback:model Account +... # follow the prompts +``` + +### 6. Create the collection with sample data - Automigration + +With the `account` model configured, we can generate the corresponding +MongoDB collection using the info from the `Account` metadata in [`common/models/account.json`](common/models/account.json) +via [*auto-migration*](http://loopback.io/doc/en/lb2/Implementing-auto-migration.html). + +Start by creating a dir to store general-purpose scripts: + +``` +mkdir bin +``` + +Inside that dir, create a script named [`automigrate.js`](bin/automigrate.js). +To create the `Account` collection and create two sample accounts, run: + +``` +node bin/automigrate.js +``` + +> **WARNING** +> +> The `automigrate` function creates a new collection if it doesn't exist. If +> the collection already exists, **it will be destroyed and it's data will be +> deleted**. If you want to keep this data, use `autoupdate` instead. + +You should see: + +``` +Created: { email: 'baz@qux.com', + createdAt: Thu Oct 22 2015 17:58:09 GMT-0700 (PDT), + lastModifiedAt: Thu Oct 22 2015 17:58:09 GMT-0700 (PDT), + id: 562986213ea33440575c6588 } +Created: { email: 'foo@bar.com', + createdAt: Thu Oct 22 2015 17:58:09 GMT-0700 (PDT), + lastModifiedAt: Thu Oct 22 2015 17:58:09 GMT-0700 (PDT), + id: 562986213ea33440575c6587 } +``` + +> If you are using Node 4, it is safe to ignore `Swagger: skipping unknown type +> "ObjectId"`. This warning will be addressed in a future update. + +### 7. View data using the explorer + +Projects scaffolded via `slc loopback` come with `loopback-component-explorer` +preconfigured. From the project root, start the server: + +``` +node . +``` + +Then to view the existing account data, browse to `localhost:3000/explorer` and +click: + +- `GET /Accounts` +- `Try it out!` + +You should see: + +``` +[ + { + "email": "foo@bar.com", + "createdAt": "2015-10-23T00:58:09.280Z", + "lastModifiedAt": "2015-10-23T00:58:09.280Z", + "id": "562986213ea33440575c6587" + }, + { + "email": "baz@qux.com", + "createdAt": "2015-10-23T00:58:09.280Z", + "lastModifiedAt": "2015-10-23T00:58:09.280Z", + "id": "562986213ea33440575c6588" + } +] +``` + +> Try out some of the other endpoints to get a feel for how explorer works. + +### 8. Add a script to perform instance instrospection (Discovery) + +> [*Discovery*](http://loopback.io/doc/en/lb2/Discovering-models-from-relational-databases.html) +> is the process of reverse engineering a LoopBack model from an existing database schema. + +The LoopBack MongoDB connector does not support discovery. However, you can use +*instance instrospection*, which creates a LoopBack model from an existing +JavaScript object. + +To do this, create a script named [`instance-introspections.js`](bin/instance-introspection.js) +in the `bin` dir. Then run: + +``` +node bin/instance-introspection +``` + +You should see: + +``` +Created: { email: 'bob.doe@ibm.com', + createdAt: Thu Oct 22 2015 19:38:20 GMT-0700 (PDT), + lastModifiedAt: Thu Oct 22 2015 19:38:20 GMT-0700 (PDT), + id: 56299d9d71c7f600719ca39f } +``` + +> See the [official docs](http://loopback.io/doc/en/lb2/Creating-models-from-unstructured-data.html) +> for more info. + +--- + +[More LoopBack examples](https://github.com/strongloop/loopback-example) diff --git a/microservice/app.sh b/microservice/app.sh new file mode 100755 index 0000000..c009a4a --- /dev/null +++ b/microservice/app.sh @@ -0,0 +1,77 @@ +#!/bin/bash -e + +startApp() { + if [ $(check) -eq 0 ]; then + return; + fi + + cd /usr/src/app + node . & + echo $! > /tmp/app.pid +} + +stopApp() { + if [ -f /tmp/app.pid ]; then + kill `cat /tmp/app.pid` + rm /tmp/app.pid + fi +} + +restartApp() { + touch /tmp/app.restart + stopApp + startApp + rm /tmp/app.restart +} + +check() { + if [ -f /tmp/app.restart ]; then + echo 0; + return; + fi + + if [ ! -f /tmp/app.pid ]; then + echo 1; + return; + fi + + PID=$(cat /tmp/app.pid) + if [ ! -d /proc/$PID ]; then + echo 1; + else + echo 0; + fi +} + +waitApp() { + while [ $(check) -eq 0 ]; do + sleep 1; + done +} + +checkApp() { + exit $(check) +} + +case "$1" in + start) + startApp + ;; + stop) + stopApp + ;; + restart) + restartApp + ;; + wait) + waitApp + ;; + check) + checkApp + ;; + *) + echo "start | stop | restart | wait | check" + exit 1 +esac + +exit 0 diff --git a/microservice/bin/automigrate.js b/microservice/bin/automigrate.js new file mode 100644 index 0000000..e2f79fc --- /dev/null +++ b/microservice/bin/automigrate.js @@ -0,0 +1,37 @@ +// Copyright IBM Corp. 2015,2016. All Rights Reserved. +// Node module: loopback-example-database +// This file is licensed under the MIT License. +// License text available at https://opensource.org/licenses/MIT + +var path = require('path'); + +var app = require(path.resolve(__dirname, '../server/server')); +var ds = app.datasources.accountDS; +ds.automigrate('Account', function(err) { + if (err) throw err; + + var accounts = [ + { + email: 'john.doe@ibm.com', + createdAt: new Date(), + lastModifiedAt: new Date(), + }, + { + email: 'jane.doe@ibm.com', + createdAt: new Date(), + lastModifiedAt: new Date(), + }, + ]; + var count = accounts.length; + accounts.forEach(function(account) { + app.models.Account.create(account, function(err, model) { + if (err) throw err; + + console.log('Created:', model); + + count--; + if (count === 0) + ds.disconnect(); + }); + }); +}); diff --git a/microservice/bin/instance-introspection.js b/microservice/bin/instance-introspection.js new file mode 100644 index 0000000..be8eabf --- /dev/null +++ b/microservice/bin/instance-introspection.js @@ -0,0 +1,28 @@ +// Copyright IBM Corp. 2015,2016. All Rights Reserved. +// Node module: loopback-example-database +// This file is licensed under the MIT License. +// License text available at https://opensource.org/licenses/MIT + +var path = require('path'); + +var app = require(path.resolve(__dirname, '../server/server')); +var ds = app.datasources.accountDS; + +var account = { + email: 'bob.doe@ibm.com', + createdAt: new Date(), + lastModifiedAt: new Date(), +}; +var opts = { + idInjection: true, +}; +var Account = ds.buildModelFromInstance('Account', account, opts); + +var instance = new Account(account); +Account.create(instance, function(err, model) { + if (err) throw err; + + console.log('Created:', model); + + ds.disconnect(); +}); diff --git a/microservice/client/README.md b/microservice/client/README.md new file mode 100644 index 0000000..dd00c9e --- /dev/null +++ b/microservice/client/README.md @@ -0,0 +1,3 @@ +## Client + +This is the place for your application front-end files. diff --git a/microservice/common/models/account.js b/microservice/common/models/account.js new file mode 100644 index 0000000..f89e7e4 --- /dev/null +++ b/microservice/common/models/account.js @@ -0,0 +1,8 @@ +// Copyright IBM Corp. 2015. All Rights Reserved. +// Node module: loopback-example-database +// This file is licensed under the MIT License. +// License text available at https://opensource.org/licenses/MIT + +module.exports = function(Account) { + +}; diff --git a/microservice/common/models/account.json b/microservice/common/models/account.json new file mode 100644 index 0000000..c4802fe --- /dev/null +++ b/microservice/common/models/account.json @@ -0,0 +1,23 @@ +{ + "name": "Account", + "base": "PersistedModel", + "idInjection": true, + "options": { + "validateUpsert": true + }, + "properties": { + "email": { + "type": "string" + }, + "createdAt": { + "type": "date" + }, + "lastModifiedAt": { + "type": "date" + } + }, + "validations": [], + "relations": {}, + "acls": [], + "methods": {} +} diff --git a/microservice/definitions/loopback-example-database-product.yaml b/microservice/definitions/loopback-example-database-product.yaml new file mode 100644 index 0000000..923dad8 --- /dev/null +++ b/microservice/definitions/loopback-example-database-product.yaml @@ -0,0 +1,25 @@ +product: '1.0.0' + +info: + name: loopback-example-database + title: loopback-example-database + version: 1.0.0 + +apis: + 'loopback-example-database': + $ref: loopback-example-database.yaml + +visibility: + view: + type: public + subscribe: + type: authenticated + +plans: + default: + title: Default Plan + description: Default Plan + approval: false + rate-limit: + value: 100/hour + hard-limit: false diff --git a/microservice/definitions/loopback-example-database.yaml b/microservice/definitions/loopback-example-database.yaml new file mode 100644 index 0000000..2cff994 --- /dev/null +++ b/microservice/definitions/loopback-example-database.yaml @@ -0,0 +1,1115 @@ +swagger: '2.0' + +info: + x-ibm-name: loopback-example-database + version: 1.0.0 + title: loopback-example-database + +schemes: + - https +host: $(catalog.host) +basePath: /api + +consumes: + - application/json +produces: + - application/json + +securityDefinitions: + clientIdHeader: + type: apiKey + in: header + name: X-IBM-Client-Id + clientSecretHeader: + in: header + name: X-IBM-Client-Secret + type: apiKey + + +security: + - + clientIdHeader: [] + clientSecretHeader: [] + +x-ibm-configuration: + testable: true + enforced: true + cors: + enabled: true + catalogs: + apic-dev: + properties: + runtime-url: $(TARGET_URL) + sb: + properties: + runtime-url: 'http://microservice:8080' + assembly: + execute: + - invoke: + target-url: $(runtime-url)$(request.path)$(request.search) + properties: + runtime-url: + value: '' + description: '' + encoded: false + +paths: + '/Users/{id}/accessTokens/{fk}': + get: + tags: + - User + summary: Find a related item by id for accessTokens. + operationId: User.prototype.__findById__accessTokens + parameters: + - name: fk + in: path + description: Foreign key for accessTokens + required: true + type: string + format: JSON + - name: id + in: path + description: User id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/AccessToken' + deprecated: false + delete: + tags: + - User + summary: Delete a related item by id for accessTokens. + operationId: User.prototype.__destroyById__accessTokens + parameters: + - name: fk + in: path + description: Foreign key for accessTokens + required: true + type: string + format: JSON + - name: id + in: path + description: User id + required: true + type: string + format: JSON + responses: + '204': + description: Request was successful + deprecated: false + put: + tags: + - User + summary: Update a related item by id for accessTokens. + operationId: User.prototype.__updateById__accessTokens + parameters: + - name: fk + in: path + description: Foreign key for accessTokens + required: true + type: string + format: JSON + - name: data + in: body + required: false + schema: + $ref: '#/definitions/AccessToken' + - name: id + in: path + description: User id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/AccessToken' + deprecated: false + '/Users/{id}/accessTokens': + get: + tags: + - User + summary: Queries accessTokens of User. + operationId: User.prototype.__get__accessTokens + parameters: + - name: filter + in: query + required: false + type: string + format: JSON + - name: id + in: path + description: User id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: array + items: + $ref: '#/definitions/AccessToken' + deprecated: false + post: + tags: + - User + summary: Creates a new instance in accessTokens of this model. + operationId: User.prototype.__create__accessTokens + parameters: + - name: data + in: body + required: false + schema: + $ref: '#/definitions/AccessToken' + - name: id + in: path + description: User id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/AccessToken' + deprecated: false + delete: + tags: + - User + summary: Deletes all accessTokens of this model. + operationId: User.prototype.__delete__accessTokens + parameters: + - name: id + in: path + description: User id + required: true + type: string + format: JSON + responses: + '204': + description: Request was successful + deprecated: false + '/Users/{id}/accessTokens/count': + get: + tags: + - User + summary: Counts accessTokens of User. + operationId: User.prototype.__count__accessTokens + parameters: + - name: where + in: query + description: Criteria to match model instances + required: false + type: string + format: JSON + - name: id + in: path + description: User id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: object + properties: + count: + type: number + format: double + deprecated: false + /Users: + post: + tags: + - User + summary: Create a new instance of the model and persist it into the data source. + operationId: User.create + parameters: + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/User' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/User' + deprecated: false + patch: + tags: + - User + summary: >- + Patch an existing model instance or insert a new one into the data + source. + operationId: User.patchOrCreate + parameters: + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/User' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/User' + deprecated: false + put: + tags: + - User + summary: >- + Replace an existing model instance or insert a new one into the data + source. + operationId: User.replaceOrCreate__put_Users + parameters: + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/User' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/User' + deprecated: false + get: + tags: + - User + summary: Find all instances of the model matched by filter from the data source. + operationId: User.find + parameters: + - name: filter + in: query + description: 'Filter defining fields, where, include, order, offset, and limit' + required: false + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: array + items: + $ref: '#/definitions/User' + deprecated: false + /Users/replaceOrCreate: + post: + tags: + - User + summary: >- + Replace an existing model instance or insert a new one into the data + source. + operationId: User.replaceOrCreate__post_Users_replaceOrCreate + parameters: + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/User' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/User' + deprecated: false + /Users/upsertWithWhere: + post: + tags: + - User + summary: >- + Update an existing model instance or insert a new one into the data + source based on the where criteria. + operationId: User.upsertWithWhere + parameters: + - name: where + in: query + description: Criteria to match model instances + required: false + type: string + format: JSON + - name: data + in: body + description: An object of model property name/value pairs + required: false + schema: + description: An object of model property name/value pairs + $ref: '#/definitions/User' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/User' + deprecated: false + '/Users/{id}/exists': + get: + tags: + - User + summary: Check whether a model instance exists in the data source. + operationId: 'User.exists__get_Users_{id}_exists' + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: object + properties: + exists: + type: boolean + deprecated: false + '/Users/{id}': + head: + tags: + - User + summary: Check whether a model instance exists in the data source. + operationId: 'User.exists__head_Users_{id}' + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: object + properties: + exists: + type: boolean + deprecated: false + get: + tags: + - User + summary: 'Find a model instance by {{id}} from the data source.' + operationId: User.findById + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + - name: filter + in: query + description: Filter defining fields and include + required: false + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/User' + deprecated: false + put: + tags: + - User + summary: >- + Replace attributes for a model instance and persist it into the data + source. + operationId: 'User.replaceById__put_Users_{id}' + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/User' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/User' + deprecated: false + delete: + tags: + - User + summary: 'Delete a model instance by {{id}} from the data source.' + operationId: User.deleteById + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: object + deprecated: false + patch: + tags: + - User + summary: >- + Patch attributes for a model instance and persist it into the data + source. + operationId: User.prototype.patchAttributes + parameters: + - name: data + in: body + description: An object of model property name/value pairs + required: false + schema: + description: An object of model property name/value pairs + $ref: '#/definitions/User' + - name: id + in: path + description: User id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/User' + deprecated: false + '/Users/{id}/replace': + post: + tags: + - User + summary: >- + Replace attributes for a model instance and persist it into the data + source. + operationId: 'User.replaceById__post_Users_{id}_replace' + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/User' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/User' + deprecated: false + /Users/findOne: + get: + tags: + - User + summary: Find first instance of the model matched by filter from the data source. + operationId: User.findOne + parameters: + - name: filter + in: query + description: 'Filter defining fields, where, include, order, offset, and limit' + required: false + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/User' + deprecated: false + /Users/update: + post: + tags: + - User + summary: 'Update instances of the model matched by {{where}} from the data source.' + operationId: User.updateAll + parameters: + - name: where + in: query + description: Criteria to match model instances + required: false + type: string + format: JSON + - name: data + in: body + description: An object of model property name/value pairs + required: false + schema: + description: An object of model property name/value pairs + $ref: '#/definitions/User' + responses: + '200': + description: Request was successful + schema: + description: Information related to the outcome of the operation + type: object + properties: + count: + description: The number of instances updated + type: number + format: double + deprecated: false + /Users/count: + get: + tags: + - User + summary: Count instances of the model matched by where from the data source. + operationId: User.count + parameters: + - name: where + in: query + description: Criteria to match model instances + required: false + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: object + properties: + count: + type: number + format: double + deprecated: false + /Users/login: + post: + tags: + - User + summary: Login a user with username/email and password. + operationId: User.login + parameters: + - name: credentials + in: body + required: true + schema: + type: object + - name: include + in: query + description: >- + Related objects to include in the response. See the description of + return value for more details. + required: false + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + description: >+ + The response body contains properties of the AccessToken created + on login. + + Depending on the value of `include` parameter, the body may + contain additional properties: + + - `user` - `U+007BUserU+007D` - Data of the currently logged in user. (`include=user`) + + type: object + deprecated: false + /Users/logout: + post: + tags: + - User + summary: Logout a user with access token. + operationId: User.logout + parameters: [] + responses: + '204': + description: Request was successful + deprecated: false + /Users/confirm: + get: + tags: + - User + summary: Confirm a user registration with email verification token. + operationId: User.confirm + parameters: + - name: uid + in: query + required: true + type: string + - name: token + in: query + required: true + type: string + - name: redirect + in: query + required: false + type: string + responses: + '204': + description: Request was successful + deprecated: false + /Users/reset: + post: + tags: + - User + summary: Reset password for a user with email. + operationId: User.resetPassword + parameters: + - name: options + in: body + required: true + schema: + type: object + responses: + '204': + description: Request was successful + deprecated: false + /Accounts: + post: + tags: + - Account + summary: Create a new instance of the model and persist it into the data source. + operationId: Account.create + parameters: + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/Account' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/Account' + deprecated: false + patch: + tags: + - Account + summary: >- + Patch an existing model instance or insert a new one into the data + source. + operationId: Account.patchOrCreate + parameters: + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/Account' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/Account' + deprecated: false + put: + tags: + - Account + summary: >- + Replace an existing model instance or insert a new one into the data + source. + operationId: Account.replaceOrCreate__put_Accounts + parameters: + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/Account' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/Account' + deprecated: false + get: + tags: + - Account + summary: Find all instances of the model matched by filter from the data source. + operationId: Account.find + parameters: + - name: filter + in: query + description: 'Filter defining fields, where, include, order, offset, and limit' + required: false + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: array + items: + $ref: '#/definitions/Account' + deprecated: false + /Accounts/replaceOrCreate: + post: + tags: + - Account + summary: >- + Replace an existing model instance or insert a new one into the data + source. + operationId: Account.replaceOrCreate__post_Accounts_replaceOrCreate + parameters: + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/Account' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/Account' + deprecated: false + /Accounts/upsertWithWhere: + post: + tags: + - Account + summary: >- + Update an existing model instance or insert a new one into the data + source based on the where criteria. + operationId: Account.upsertWithWhere + parameters: + - name: where + in: query + description: Criteria to match model instances + required: false + type: string + format: JSON + - name: data + in: body + description: An object of model property name/value pairs + required: false + schema: + description: An object of model property name/value pairs + $ref: '#/definitions/Account' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/Account' + deprecated: false + '/Accounts/{id}/exists': + get: + tags: + - Account + summary: Check whether a model instance exists in the data source. + operationId: 'Account.exists__get_Accounts_{id}_exists' + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: object + properties: + exists: + type: boolean + deprecated: false + '/Accounts/{id}': + head: + tags: + - Account + summary: Check whether a model instance exists in the data source. + operationId: 'Account.exists__head_Accounts_{id}' + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: object + properties: + exists: + type: boolean + deprecated: false + get: + tags: + - Account + summary: 'Find a model instance by {{id}} from the data source.' + operationId: Account.findById + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + - name: filter + in: query + description: Filter defining fields and include + required: false + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/Account' + deprecated: false + put: + tags: + - Account + summary: >- + Replace attributes for a model instance and persist it into the data + source. + operationId: 'Account.replaceById__put_Accounts_{id}' + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/Account' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/Account' + deprecated: false + delete: + tags: + - Account + summary: 'Delete a model instance by {{id}} from the data source.' + operationId: Account.deleteById + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: object + deprecated: false + patch: + tags: + - Account + summary: >- + Patch attributes for a model instance and persist it into the data + source. + operationId: Account.prototype.patchAttributes + parameters: + - name: data + in: body + description: An object of model property name/value pairs + required: false + schema: + description: An object of model property name/value pairs + $ref: '#/definitions/Account' + - name: id + in: path + description: PersistedModel id + required: true + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/Account' + deprecated: false + '/Accounts/{id}/replace': + post: + tags: + - Account + summary: >- + Replace attributes for a model instance and persist it into the data + source. + operationId: 'Account.replaceById__post_Accounts_{id}_replace' + parameters: + - name: id + in: path + description: Model id + required: true + type: string + format: JSON + - name: data + in: body + description: Model instance data + required: false + schema: + description: Model instance data + $ref: '#/definitions/Account' + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/Account' + deprecated: false + /Accounts/findOne: + get: + tags: + - Account + summary: Find first instance of the model matched by filter from the data source. + operationId: Account.findOne + parameters: + - name: filter + in: query + description: 'Filter defining fields, where, include, order, offset, and limit' + required: false + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + $ref: '#/definitions/Account' + deprecated: false + /Accounts/update: + post: + tags: + - Account + summary: 'Update instances of the model matched by {{where}} from the data source.' + operationId: Account.updateAll + parameters: + - name: where + in: query + description: Criteria to match model instances + required: false + type: string + format: JSON + - name: data + in: body + description: An object of model property name/value pairs + required: false + schema: + description: An object of model property name/value pairs + $ref: '#/definitions/Account' + responses: + '200': + description: Request was successful + schema: + description: Information related to the outcome of the operation + type: object + properties: + count: + description: The number of instances updated + type: number + format: double + deprecated: false + /Accounts/count: + get: + tags: + - Account + summary: Count instances of the model matched by where from the data source. + operationId: Account.count + parameters: + - name: where + in: query + description: Criteria to match model instances + required: false + type: string + format: JSON + responses: + '200': + description: Request was successful + schema: + type: object + properties: + count: + type: number + format: double + deprecated: false + + +definitions: + x-any: + properties: {} + AccessToken: + properties: + id: + type: string + ttl: + default: 1209600 + description: time to live in seconds (2 weeks by default) + type: number + format: double + created: + type: string + format: date-time + userId: + type: number + format: double + required: + - id + additionalProperties: false + User: + properties: + realm: + type: string + username: + type: string + email: + type: string + emailVerified: + type: boolean + id: + type: number + format: double + required: + - email + additionalProperties: false + Account: + properties: + email: + type: string + createdAt: + type: string + format: date-time + lastModifiedAt: + type: string + format: date-time + id: + $ref: '#/definitions/ObjectID' + additionalProperties: false + ObjectID: + type: string + pattern: '^[a-fA-F\d]{24}$' + diff --git a/microservice/package.json b/microservice/package.json new file mode 100644 index 0000000..d408581 --- /dev/null +++ b/microservice/package.json @@ -0,0 +1,31 @@ +{ + "name": "loopback-example-database", + "version": "2.0.0", + "main": "server/server.js", + "scripts": { + "start": "node .", + "lint": "eslint .", + "test": "tape test/*.js", + "posttest": "npm run lint" + }, + "dependencies": { + "compression": "^1.0.3", + "cors": "^2.8.1", + "loopback": "^3.0.0", + "loopback-boot": "^2.6.5", + "loopback-component-explorer": "^2.1.0", + "serve-favicon": "^2.0.1", + "strong-error-handler": "^1.1.0" + }, + "devDependencies": { + "eslint": "^2.7.0", + "eslint-config-loopback": "^1.0.0", + "tape": "^4.2.2" + }, + "repository": { + "type": "git", + "url": "https://github.com/strongloop/loopback-example-database" + }, + "description": "loopback-example-database", + "license": "MIT" +} diff --git a/microservice/server/boot/authentication.js b/microservice/server/boot/authentication.js new file mode 100644 index 0000000..2cd9389 --- /dev/null +++ b/microservice/server/boot/authentication.js @@ -0,0 +1,9 @@ +// Copyright IBM Corp. 2014. All Rights Reserved. +// Node module: loopback-example-database +// This file is licensed under the MIT License. +// License text available at https://opensource.org/licenses/MIT + +module.exports = function enableAuthentication(server) { + // enable authentication + server.enableAuth(); +}; diff --git a/microservice/server/boot/root.js b/microservice/server/boot/root.js new file mode 100644 index 0000000..8e22f8a --- /dev/null +++ b/microservice/server/boot/root.js @@ -0,0 +1,11 @@ +// Copyright IBM Corp. 2014. All Rights Reserved. +// Node module: loopback-example-database +// This file is licensed under the MIT License. +// License text available at https://opensource.org/licenses/MIT + +module.exports = function(server) { + // Install a `/` route that returns server status + var router = server.loopback.Router(); + router.get('/', server.loopback.status()); + server.use(router); +}; diff --git a/microservice/server/component-config.json b/microservice/server/component-config.json new file mode 100644 index 0000000..f36959a --- /dev/null +++ b/microservice/server/component-config.json @@ -0,0 +1,5 @@ +{ + "loopback-component-explorer": { + "mountPath": "/explorer" + } +} diff --git a/microservice/server/config.json b/microservice/server/config.json new file mode 100644 index 0000000..bf46eb4 --- /dev/null +++ b/microservice/server/config.json @@ -0,0 +1,23 @@ +{ + "restApiRoot": "/api", + "host": "0.0.0.0", + "port": 3000, + "remoting": { + "context": false, + "rest": { + "normalizeHttpPath": false, + "xml": false + }, + "json": { + "strict": false, + "limit": "100kb" + }, + "urlencoded": { + "extended": true, + "limit": "100kb" + }, + "cors": false, + "errorHandler": false + }, + "legacyExplorer": false +} diff --git a/microservice/server/datasources.json b/microservice/server/datasources.json new file mode 100644 index 0000000..d6caf56 --- /dev/null +++ b/microservice/server/datasources.json @@ -0,0 +1,6 @@ +{ + "db": { + "name": "db", + "connector": "memory" + } +} diff --git a/microservice/server/middleware.json b/microservice/server/middleware.json new file mode 100644 index 0000000..9fbfdec --- /dev/null +++ b/microservice/server/middleware.json @@ -0,0 +1,32 @@ +{ + "initial:before": { + "loopback#favicon": {} + }, + "initial": { + "compression": {}, + "cors": { + "params": { + "origin": true, + "credentials": true, + "maxAge": 86400 + } + } + }, + "session": {}, + "auth": {}, + "parse": {}, + "routes": { + "loopback#rest": { + "paths": [ + "${restApiRoot}" + ] + } + }, + "files": {}, + "final": { + "loopback#urlNotFound": {} + }, + "final:after": { + "strong-error-handler": {} + } +} diff --git a/microservice/server/middleware.production.json b/microservice/server/middleware.production.json new file mode 100644 index 0000000..bbaca1d --- /dev/null +++ b/microservice/server/middleware.production.json @@ -0,0 +1,4 @@ +{ + "final:after": { + } +} diff --git a/microservice/server/model-config.json b/microservice/server/model-config.json new file mode 100644 index 0000000..3106a15 --- /dev/null +++ b/microservice/server/model-config.json @@ -0,0 +1,39 @@ +{ + "_meta": { + "sources": [ + "loopback/common/models", + "loopback/server/models", + "../common/models", + "./models" + ], + "mixins": [ + "loopback/common/mixins", + "loopback/server/mixins", + "../common/mixins", + "./mixins" + ] + }, + "User": { + "dataSource": "db" + }, + "AccessToken": { + "dataSource": "db", + "public": false + }, + "ACL": { + "dataSource": "db", + "public": false + }, + "RoleMapping": { + "dataSource": "db", + "public": false + }, + "Role": { + "dataSource": "db", + "public": false + }, + "Account": { + "dataSource": "db", + "public": true + } +} diff --git a/microservice/server/server.js b/microservice/server/server.js new file mode 100644 index 0000000..7f5709d --- /dev/null +++ b/microservice/server/server.js @@ -0,0 +1,32 @@ +// Copyright IBM Corp. 2014,2015. All Rights Reserved. +// Node module: loopback-example-database +// This file is licensed under the MIT License. +// License text available at https://opensource.org/licenses/MIT + +var loopback = require('loopback'); +var boot = require('loopback-boot'); + +var app = module.exports = loopback(); + +app.start = function() { + // start the web server + return app.listen(function() { + app.emit('started'); + var baseUrl = app.get('url').replace(/\/$/, ''); + console.log('Web server listening at: %s', baseUrl); + if (app.get('loopback-component-explorer')) { + var explorerPath = app.get('loopback-component-explorer').mountPath; + console.log('Browse your REST API at %s%s', baseUrl, explorerPath); + } + }); +}; + +// Bootstrap the application, configure models, datasources and middleware. +// Sub-apps like REST API are mounted via boot scripts. +boot(app, __dirname, function(err) { + if (err) throw err; + + // start the server if `$ node server.js` + if (require.main === module) + app.start(); +}); diff --git a/microservice/test/smoke.js b/microservice/test/smoke.js new file mode 100644 index 0000000..074595b --- /dev/null +++ b/microservice/test/smoke.js @@ -0,0 +1,11 @@ +// Copyright IBM Corp. 2015. All Rights Reserved. +// Node module: loopback-example-database +// This file is licensed under the MIT License. +// License text available at https://opensource.org/licenses/MIT + +var test = require('tape'); + +test('smoke test', function(t) { + t.equal(1, 1); + t.end(); +}); diff --git a/sni-proxy/Dockerfile b/sni-proxy/Dockerfile new file mode 100644 index 0000000..7413de7 --- /dev/null +++ b/sni-proxy/Dockerfile @@ -0,0 +1,5 @@ +FROM nginx +ADD nginx.tmpl /etc/nginx/ +ADD run.sh / +RUN chmod +x /run.sh +CMD /run.sh diff --git a/sni-proxy/nginx.tmpl b/sni-proxy/nginx.tmpl new file mode 100644 index 0000000..ba292d6 --- /dev/null +++ b/sni-proxy/nginx.tmpl @@ -0,0 +1,34 @@ +worker_processes auto; + +error_log /var/log/nginx/error.log info; + +events { + worker_connections 1024; +} + +stream { + map $ssl_preread_server_name $name { + PORTAL portal_backend; + APIM apim_backend; + GATEWAY gateway_backend; + default gateway_backend; + } + + upstream apim_backend { + server APIM:443; + } + + upstream portal_backend { + server PORTAL:443; + } + + upstream gateway_backend { + server GATEWAY:443; + } + + server { + listen 0.0.0.0:443; + proxy_pass $name; + ssl_preread on; + } +} diff --git a/sni-proxy/run.sh b/sni-proxy/run.sh new file mode 100755 index 0000000..d5de9f8 --- /dev/null +++ b/sni-proxy/run.sh @@ -0,0 +1,8 @@ +#!/bin/bash -ex + +cp -f /etc/nginx/nginx.tmpl /etc/nginx/nginx.conf +sed -i -e "s/APIM/${APIM_DNS}/g" /etc/nginx/nginx.conf +sed -i -e "s/PORTAL/${PORTAL_DNS}/g" /etc/nginx/nginx.conf +sed -i -e "s/GATEWAY/${GATEWAY_DNS}/g" /etc/nginx/nginx.conf +cat /etc/nginx/nginx.conf +exec nginx -g "daemon off;" \ No newline at end of file